urlscan.io logo urlscan.io
SecurityTrails logo

googleads.g.doubleclick.net Open in urlscan Pro
2a00:1450:4001:829::2002  Public Scan

Go To Rescan Add Verdict Report
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&ad...
Submission: On July 22 via manual from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a00:1450:4001:829::2002, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is googleads.g.doubleclick.net. The Cisco Umbrella rank of the primary domain is 56.
TLS certificate: Issued by GTS CA 1C3 on July 4th 2022. Valid for: 3 months.
This is the only time googleads.g.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
101 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
45 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
30 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
43 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
1 KB
15 5
Domain Requested by
6 tpc.googlesyndication.com googleads.g.doubleclick.net
2 pagead2.googlesyndication.com googleads.g.doubleclick.net
www.googletagservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 googleads.g.doubleclick.net googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
15 7

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Frame ID: B8082A45CCC38CD997F8605836B02E7B
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Frame ID: FFC61EBEF5F66F157F1980721D93D980
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

abg_ar

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

220 kB
Transfer

427 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ads
googleads.g.doubleclick.net/pagead/ 		78 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1ea51dddd8fec702cdc37163de0536e3d7ad782b17a2e6504b5fcddfe4893ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
29845
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Jul 2022 07:42:14 GMT
expires
Fri, 22 Jul 2022 07:42:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 07:14:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Jul 2022 07:42:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Jul 2022 07:42:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Aug 2022 07:39:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:18:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8663
x-xss-protection
0
server
cafe
etag
1576890815193688712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Aug 2022 07:18:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 06:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2706
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Aug 2022 06:57:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 07:42:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1022
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Aug 2022 07:25:13 GMT
b8b39a8a01d591fbf8e8e88b2bbf8fd4.js
www.gstatic.com/mysidia/ 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 06:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12830
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 00:22:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 17 Oct 2022 06:21:57 GMT
adview
googleads.g.doubleclick.net/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4wm11lTaYoy5I4yU7APYopHYB5TA_KBr7Z3GrI4Q3NkeEAEgrYmDJmCV4pCCoAegAeGB6NcByAEJqAMByAPLBKoE8wFP0Mx8QSRK9WIRcInhlKDO3TFYfFoF96T4eq2hBgbLUukeYQtpmQY3UBrDm_-8dI7sxWtXoYw_D7tconBVOU4aLfEMR-hivhqrBaZZyLdr2YOYPJVz6zRlvba2HSJbhCfOno2rjLvSZU_sIUOGGOXdsLufNU-ByEmYG1vvGfJhKGWj2PHpMSC4wySjPpNfKwGBW9LroN71BmLiMQa5W1EpTegvTGI4cg5i0IiMISAk20VWS7EzlEcuixj49xeHSMX4-_cJ_Mtpu6ZM4jvKiZuV6Mu9LvSbLGAX63bukkvUVoJ8I_tRI9OJ1xR2pDW3J_uCtezABOitzZX7A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeH_peoAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN_UBtIIFQiAoYAQEAEYHzIBKjoHn8CAgICABIAKAcgLAbgT5APYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNjI2NjMxMzE5MDA4NzE3MxgA&sigh=I-rBffvZKG0&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 22 Jul 2022 07:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 22 Jul 2022 07:42:15 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/2375370020348567359/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2375370020348567359/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f83fc27452a1f7d0b3a4f57bb514b15ceb5b0f7cbf74caaf6dedd227f4763358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 00:06:54 GMT
x-content-type-options
nosniff
age
286521
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52607
x-xss-protection
0
last-modified
Sun, 26 Dec 2021 16:13:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 00:06:54 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/13107202130481621811/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13107202130481621811/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3b7013f44700059be4c3cf93dd3ff69c94aa5108862be1c6ca140aee9d0543b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 21:01:19 GMT
x-content-type-options
nosniff
age
124856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17013
x-xss-protection
0
last-modified
Sun, 27 Feb 2022 11:23:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Jul 2023 21:01:19 GMT
truncated
/ 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7219d02034a3ec2b0aa85b4f77649e96971dde783526e6b575ebcabc2789c302

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options
nosniff
age
313043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options
nosniff
age
304460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 19:07:55 GMT
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame FFC6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=1358258519&adf=2174755792&pi=t.ma~as.5788561387&w=728&lmt=1658442207&psa=1&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp%3FChosen_ID%3D24&wgl=1&adsid=ChAI8PLjlgYQkq-HwdnTitQ_EjkA8J1HsdapFyrQJ6CAzOhutYSmFDaeWaCp_wdz5MPfx7687gLNvs-h_fuR78IYU_WK3DkRW04VlEU&dt=1658442199834&bpp=10&bdt=3830&idt=7524&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423a705ce0e537ce-22915e15d6cd0010%3AT%3D1628361885%3ART%3D1658441515%3AS%3DALNI_Mboimrs6rky6KT4uFQs4Oh9TpBQ5w&prev_fmts=0x0%2C300x250%2C120x600%2C120x600%2C300x250%2C160x600%2C300x600%2C728x90&nras=1&correlator=6198332993231&frm=20&pv=1&ga_vid=1627083565.1658440872&ga_sid=1658442201&ga_hid=2084000369&ga_fc=1&ga_cid=344321500.1626216833&u_tz=120&u_his=3&u_h=800&u_w=1280&u_ah=800&u_aw=1280&u_cd=24&u_sd=1&dmc=1&adx=276&ady=380&biw=1280&bih=308&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067527&oid=2&pvsid=3276409007018778&tmod=2026166457&uas=3&nvt=1&ref=https%3A%2F%2Fwww.farfeshplus.online%2Fmosalsalat_all26.asp&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C308%2C1280%2C308&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&jar=2022-07-18-00&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=waVr2ERI6b&p=https%3A//www.farfeshplus.online&dtd=7582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
146625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Jul 2023 14:58:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7r_s9sfRw-D7dwS2YDk7Ajiua5ChxGM_LAQw7I73UOxlRCQ0XzJNQa091kufEl03-nETSF9T_86lOo-UeYsxOD5bFtEhr1tYLelPHiXtvLTxlUKp8g5rSLJvwwIjevNJBulHKjZiqUJI&sai=AMfl-YRBRZNEgA_u4Vdc3bx5xf1UccYz9YRyQuX5jaqzP8EKcMUs-cIRjNkUn9GXaDgbHxDRxkO0R03YxvZx790UoiBL8o8ilv5IzaRkkzUa&sig=Cg0ArKJSzMv968jqRGnjEAE&cid=CAQSLQCNIrLMQOg5YwyAVkD7xjMzDyNMsnsPvwRQhQc3b03r26TpWdqWUQACbe5cvQ&id=lidar2&mcvt=1000&p=555,436,645,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=22&adk=1358258519&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658475734524&rpt=655&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 07:42:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| jscVersion object| google_casm object| google_js_reporting_queue number| google_srt function| bgz function| mb function| init_ssb function| accbk function| cla function| cll function| clb function| clh function| xy function| ss function| st function| ha function| hb function| ia function| ja function| ga object| dicnf object| viewReq function| vu function| bga function| bgy function| buildAttribution object| google_logging_queue undefined| goog_delegate_deferred_token object| window_focus_for_click number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| google_tag_data object| googqscp function| wrpfc

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUn-zmHGOi92j91lDWRKGXmD7ScevmIsTVp4qD_jn0Z0hLu2TXjvVHD8U90YEek

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0