ashley.cynic.al Open in urlscan Pro
2606:4700:10::6816:48a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ashley.cynic.al/
Submission: On January 31 via manual (January 31st 2023, 2:39:29 pm UTC) from US — Scanned from DE

Summary HTTP 116 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 22 domains to perform 116 HTTP transactions. The main IP is 2606:4700:10::6816:48a, located in United States and belongs to CLOUDFLARENET, US. The main domain is ashley.cynic.al.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.

This is the only time ashley.cynic.al was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:10:... 2606:4700:10::6816:48a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
4 5	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.96.137.173 104.96.137.173	16625 (AKAMAI-AS) (AKAMAI-AS)
17	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	35.157.84.104 35.157.84.104	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	18.134.217.143 18.134.217.143	16509 (AMAZON-02) (AMAZON-02)
3	92.123.36.89 92.123.36.89	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4028:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2a01:28:cb6:3::c 2a01:28:cb6:3::c	39392 (SUPERNETW...) (SUPERNETWORK ^_^)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
116	32

1 2606:4700:10::6816:48a (United States)

ASN13335 (CLOUDFLARENET, US)

ashley.cynic.al	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.20.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.137.173 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-137-173.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.84.104 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-84-104.eu-central-1.compute.amazonaws.com

red.vtracy.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.134.217.143 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-217-143.eu-west-2.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.36.89 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-89.deploy.static.akamaitechnologies.com

stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4028:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:28:cb6:3::c (Prague, Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)

rr1---sn-n02xgoxufvg3-2gbs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	397 KB
23	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 787 cdn.flashtalking.com — Cisco Umbrella Rank: 1051 ad-events.flashtalking.com — Cisco Umbrella Rank: 2133 stat.flashtalking.com — Cisco Umbrella Rank: 2523	200 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com csi.gstatic.com	322 KB
15	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	99 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 295	35 KB
3	vtracy.de 3 redirects red.vtracy.de — Cisco Umbrella Rank: 124369	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	144 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 824	136 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8741	696 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	87 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	16 KB
1	googlevideo.com rr1---sn-n02xgoxufvg3-2gbs.googlevideo.com	787 KB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1805	8 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	265 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401	630 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12387	60 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	600 B
1	cynic.al ashley.cynic.al	2 KB
116	22

	Domain	Requested by
19	pagead2.googlesyndication.com	ashley.cynic.al pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
17	cdn.flashtalking.com	servedby.flashtalking.com cdn.flashtalking.com
17	tpc.googlesyndication.com	ashley.cynic.al googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com ashley.cynic.al googleads.g.doubleclick.net
5	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	stat.flashtalking.com	googleads.g.doubleclick.net
3	red.vtracy.de	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	ashley.cynic.al googleads.g.doubleclick.net
3	fonts.googleapis.com	ashley.cynic.al googleads.g.doubleclick.net
2	static.xx.fbcdn.net	www.facebook.com
2	csi.gstatic.com	www.gstatic.com
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	ad-events.flashtalking.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	ashley.cynic.al connect.facebook.net
2	www.google-analytics.com	ashley.cynic.al www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	rr1---sn-n02xgoxufvg3-2gbs.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	m.exactag.com	googleads.g.doubleclick.net
1	servedby.flashtalking.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	ashley.cynic.al
1	ashley.cynic.al
116	36

This site contains links to these domains. Also see Links.

Domain
agilebits.com
lastpass.com
keepass.info
www.theguardian.com
www.reddit.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-11` - `2023-11-12`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
ad-events.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-03` - `2023-08-31`	a year	crt.sh
*.googlevideo.com GTS CA 1C3	`2023-01-24` - `2023-04-04`	2 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://ashley.cynic.al/
Frame ID: 4A85DBDC3755FC0EF2E8C87BAE680FA7
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html
Frame ID: DDCEB11BF826657EDCF0EAAB1B7D6153
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&adk=1812271804&adf=4235265862&lmt=1675175964&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fashley.cynic.al%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964474&bpp=3&bdt=198&idt=188&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6704641871425&frm=20&pv=2&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=209
Frame ID: F4419738EFA8787C17AC5070BD9079E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218
Frame ID: 9D647CE9AF42937B1D3B7B2E4D92ECA3
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=1573534164&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964479&bpp=1&bdt=203&idt=219&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=1147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JMkQBWltF0&p=https%3A//ashley.cynic.al&dtd=222
Frame ID: 9C79F8E07BCEBFD2DE14A18E36DB55DA
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Frame ID: 22185BD11EFFB87E7BA17233A4EF4A3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY7Oq-3QEwAQ&v=APEucNXv8olOMjnm3ZrksP_8Uy4NjgAeMF2G3WTrgY9MFT0GLrV4Gu8X2fuwyeJry7J_aMxGcAog-0_1_022Lwxmm2mWJYbhRpqfz0wzVCJWtW1y9JMQ2QdkTnuYVZrUnnrtr7CJqHMIA-DPF9tRVdN0eF-pOlvmIxluTvcT92a9-y__GViBI6Y
Frame ID: 14BD5DF96EA95797CFEFDFC5EB735DE1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9D9E7EEE3741472DB069D34F16BAE7F1
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 30B016EF09A272717BE6E3FB688297A8
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/174125/4168642/main.html
Frame ID: BA7344BBB419AEC3420ADF476E25C245
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js
Frame ID: 08E3D593893A38083F562BD39F99EA5D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df343d4872a882c8%26domain%3Dashley.cynic.al%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fashley.cynic.al%252Ff312f8f857e02d%26relation%3Dparent.parent&container_width=1520&href=https%3A%2F%2Fashley.cynic.al%2F&layout=button_count&locale=en_GB&sdk=joey
Frame ID: 6C1AAACCC8876C002F0BA6CF97ABFA25
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js
Frame ID: 9FB6FF8833FBD6A42E43764F76969DA5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37EE5826B97A7EC8CBC969C74BA4E112
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D671DE5A289F3BB698B1F2D84C905CED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ashley Madison hacked email checker

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

96 %
HTTPS

67 %
IPv6

22
Domains

36
Subdomains

32
IPs

8
Countries

2260 kB
Transfer

4511 kB
Size

20
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://agilebits.com/onepassword
Title: 1Password

Search URL Search Domain Scan URL

URL: https://lastpass.com/
Title: LastPass

Search URL Search Domain Scan URL

URL: http://keepass.info/
Title: KeePass

Search URL Search Domain Scan URL

URL: http://www.theguardian.com/technology/2013/nov/07/adobe-password-leak-can-check
Title: Adobe leaked password checker

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/ashleymadisonhack/comments/3hrcux/well_that_didnt_take_long_trustify_attempting_to/
Title: More info

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPqX6F2Jo3EFRgSRYKUlZlw&google_cver=1

Request Chain 29

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9koHYh6bxUZVfvNQdd-TQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPqX6F2Jo3EFRgSRYKUlZlw&google_cver=1

Request Chain 30

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEP8iY3hzv3OUeJvoRsULzng&google_cver=1

Request Chain 31

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2MDIzNTc4MDc5OTQ2MzcyNg%3D%3D

Request Chain 44

https://red.vtracy.de/img.tr?tr_adid=k199096_s15874_p7046946_c4168642&tr_div=ftdiv7046946&tr_sync=true&tr_mid=5509165A9EE61A&gdpr_consent=&gdpr=&tr_uid1=FT&&t=270865781 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&adid=k199096_s15874_p7046946_c4168642&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1675175965788&tamgdpr=&tamgdpr_consent=&request_uid=Y9koHQdJf7UCsZNYh0UxiwAAAAs HTTP 302
https://red.vtracy.de/tr_cm?v3=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&adid=k199096_s15874_p7046946_c4168642&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1675175965788&tamgdpr=&tamgdpr_consent=&request_uid=Y9koHQdJf7UCsZNYh0UxiwAAAAs&google_gid=CAESEDAmxLQruD1TP_S3LDfEjNc&google_cver=1 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609%26adid%3Dk199096_s15874_p7046946_c4168642%26userId%3D%25%25COOKIE%25%25%26tr_timestamp%3D1675175965848%26tr_run%3Dfalse%26tr_ttd%3Dtrue%26tamgdpr%3D%26tamgdpr_consent%3D%26request_uid%3DY9koHQdJf7UCsZNYh0UxiwAAAAs HTTP 302
https://red.vtracy.de/tr_aa?v3=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&adid=k199096_s15874_p7046946_c4168642&userId=7194825984773388436&tr_timestamp=1675175965848&tr_run=false&tr_ttd=true&tamgdpr=&tamgdpr_consent=&request_uid=Y9koHQdJf7UCsZNYh0UxiwAAAAs HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&gdpr=&gdpr_consent=&request_uid=Y9koHQdJf7UCsZNYh0UxiwAAAAs

116 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ashley.cynic.al/ 5 KB
2 KB 587ms
380ms Document
text/html 2606:4700:10::6816:48a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ashley.cynic.al/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:48a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0244a1b6b9083c70828b8fb2ba5fdc745169c3230fa8473786962112cc5a583

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7923324e5c11bbbf-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 14:39:24 GMT
server: cloudflare
strict-transport-security: max-age=15552000
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 114ms
45ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,600

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9b7c06a0c817bdc4ab10085f879db20f7f463cc8cfa76ea74f13c68c7e50aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 14:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 13:13:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 14:39:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 150ms
81ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e0996951e05cb036623d8174f2bed104cc1b4874926c9515bed384624ea7547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49893
x-xss-protection: 0
server: cafe
etag: 7625763999180714028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:39:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 92ms
23ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 16:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 16:51:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 93ms
24ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 14:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1060
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 31 Jan 2023 16:21:44 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 39ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb9e1bb7c72b7aac13c3e27dc72560a706349328c990b90193f4685dda51a7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 14:39:24 GMT
content-md5: ELSa/2DGHs4QwximOF79fQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: cqqyB0+YJwdjz0iwSCGG2mR7rnje0Wax0KR3YWWmK+Roj2NwS3oowx2Pk9y0pDze4FebvBQ8mUHbt8vtyWBVhQ==
x-fb-trip-id: 1679558926
x-fb-content-md5: 76f665ff76d218d20016d58df497e691
cross-origin-opener-policy: same-origin-allow-popups
etag: "c4264125f7176cddb7c20b5aa128fda1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:41:49 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 92ms
22ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ashley.cynic.al
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 08:26:15 GMT
x-content-type-options: nosniff
age: 367989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 08:26:15 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 301 KB
85 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=acb8436607d0e2880f029328438e33e5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4a5d7b8e78af6d347f8a345f4f7b26e44363514a9e850974770a1cfb211d3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ashley.cynic.al/
Origin: https://ashley.cynic.al
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 14:39:24 GMT
content-md5: IOzIqb88Fsjdmm4KFlalPQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86990
x-fb-rlafr: 0
x-fb-debug: IzDdWxj/afIJ9VS/RvQ7VImoT6CPvSFOKJicCsVxzKmkuJ2bPezXtCxGurj5B1HhUNmvzAG78W3L+2nf8GWtSw==
x-fb-content-md5: 719979ac244aba6bc89be005636eee10
cross-origin-opener-policy: same-origin-allow-popups
etag: "e6fc8627380b8226d429b3beeeac611b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 31 Jan 2024 11:02:36 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/ 360 KB
118 KB 93ms
92ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4486686147071812&plah=ashley.cynic.al&bust=31071811

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1977d4316a216ca83d70586312ab8753067c5deb7f8d2a02561a4a021a92eae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121044
x-xss-protection: 0
server: cafe
etag: 12527732199056329429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:39:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/ Frame DDCE 10 KB
4 KB 27ms
22ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ashley.cynic.al/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:50:54 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 14:50:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 45ms
45ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1409964257&t=pageview&_s=1&dl=https%3A%2F%2Fashley.cynic.al%2F&ul=en-us&de=UTF-8&dt=Ashley%20Madison%20hacked%20email%20checker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1183585347&gjid=2077282514&cid=425902889.1675175965&tid=UA-21692996-14&_gid=1033900471.1675175965&_r=1&_slc=1&z=1244463676

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ashley.cynic.al/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ashley.cynic.al
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 46ms
17ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-21692996-14&cid=425902889.1675175965&jid=1183585347&gjid=2077282514&_gid=1033900471.1675175965&_u=IEBAAEAAAAAAACAAI~&z=1226977000

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ashley.cynic.al/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Jan 2023 14:39:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ashley.cynic.al
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
600 B 110ms
43ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ashley.cynic.al&callback=_gfp_s_&client=ca-pub-4486686147071812

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4486686147071812&plah=ashley.cynic.al&bust=31071811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c465a3468c5f90aea83297aadcb6691ce7179823a728d08d6b655c6d4b7527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 115ms
47ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ashley.cynic.al

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 120ms
49ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ashley.cynic.al

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F441 33 KB
12 KB 261ms
261ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&adk=1812271804&adf=4235265862&lmt=1675175964&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fashley.cynic.al%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964474&bpp=3&bdt=198&idt=188&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6704641871425&frm=20&pv=2&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca7a6b690d99d481600652ec532931bd36fb24b01645dc17938604d7e068d51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ashley.cynic.al/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12543
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:39:24 GMT
expires: Tue, 31 Jan 2023 14:39:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D64 87 KB
31 KB 1343ms
1343ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47fa36ba5e66b7d3623eb107ff09b738eaecb6e2fc15c25491ac86750ac85c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ashley.cynic.al/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:39:26 GMT
expires: Tue, 31 Jan 2023 14:39:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C79 114 KB
35 KB 1195ms
1195ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=1573534164&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964479&bpp=1&bdt=203&idt=219&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=1147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JMkQBWltF0&p=https%3A//ashley.cynic.al&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

371dfd5d3aee10ac5147622116aaeb215e34e69600dfa48025bd80cee0655336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ashley.cynic.al/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35902
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:39:25 GMT
expires: Tue, 31 Jan 2023 14:39:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/ 150 KB
51 KB 93ms
92ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/reactive_library_fy2021.js?bust=31071811

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2557e4d35e58e5d14826828343ca8fee6efa3f86f9e4733029f8586d3686e374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52190
x-xss-protection: 0
server: cafe
etag: 18144990353152046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:39:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 46ms
45ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ashley.cynic.al

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 47ms
47ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ashley.cynic.al

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/ Frame 2218 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ashley.cynic.al/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 18:54:02 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 18:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 14BD 624 B
246 B 58ms
57ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY7Oq-3QEwAQ&v=APEucNXv8olOMjnm3ZrksP_8Uy4NjgAeMF2G3WTrgY9MFT0GLrV4Gu8X2fuwyeJry7J_aMxGcAog-0_1_022Lwxmm2mWJYbhRpqfz0wzVCJWtW1y9JMQ2QdkTnuYVZrUnnrtr7CJqHMIA-DPF9tRVdN0eF-pOlvmIxluTvcT92a9-y__GViBI6Y

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:39:25 GMT
expires: Tue, 31 Jan 2023 14:39:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9D9E 78 KB
27 KB 83ms
82ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:39:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9D9E 3 KB
1 KB 96ms
26ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:53:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9D9E 18 KB
8 KB 94ms
24ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:27:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 14:27:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D9E 157 KB
49 KB 171ms
101ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:39:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D9E 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B6W0dSyweAPJENS0g86zfKsq5N7nBkdUp3leh37G4gAMSNI-6oejMaYVBpS7gTQmt5gdRzPlj5I1suhVC_IvYcYZyC9IwDrJFbxLxhcIClVhNLTKk

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D9E 0
20 B 55ms
54ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17661384981480318753&x=1&ct=77

Requested by

Host: ashley.cynic.al
URL: https://ashley.cynic.al/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 14BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPqX6F2Jo3EFRgSRYKUlZlw&google_cver=1

43 B
766 B

11ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPqX6F2Jo3EFRgSRYKUlZlw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY7Oq-3QEwAQ&v=APEucNXv8olOMjnm3ZrksP_8Uy4NjgAeMF2G3WTrgY9MFT0GLrV4Gu8X2fuwyeJry7J_aMxGcAog-0_1_022Lwxmm2mWJYbhRpqfz0wzVCJWtW1y9JMQ2QdkTnuYVZrUnnrtr7CJqHMIA-DPF9tRVdN0eF-pOlvmIxluTvcT92a9-y__GViBI6Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 14:39:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPqX6F2Jo3EFRgSRYKUlZlw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 14BD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9koHYh6bxUZVfvNQdd-TQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPqX6F2Jo3EFRgSRYKUlZlw&google_cver=1

43 B
766 B

19ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPqX6F2Jo3EFRgSRYKUlZlw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY7Oq-3QEwAQ&v=APEucNXv8olOMjnm3ZrksP_8Uy4NjgAeMF2G3WTrgY9MFT0GLrV4Gu8X2fuwyeJry7J_aMxGcAog-0_1_022Lwxmm2mWJYbhRpqfz0wzVCJWtW1y9JMQ2QdkTnuYVZrUnnrtr7CJqHMIA-DPF9tRVdN0eF-pOlvmIxluTvcT92a9-y__GViBI6Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 14:39:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPqX6F2Jo3EFRgSRYKUlZlw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 14BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEP8iY3hzv3OUeJvoRsULzng&google_cver=1

43 B
1 KB

38ms
38ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEP8iY3hzv3OUeJvoRsULzng&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY7Oq-3QEwAQ&v=APEucNXv8olOMjnm3ZrksP_8Uy4NjgAeMF2G3WTrgY9MFT0GLrV4Gu8X2fuwyeJry7J_aMxGcAog-0_1_022Lwxmm2mWJYbhRpqfz0wzVCJWtW1y9JMQ2QdkTnuYVZrUnnrtr7CJqHMIA-DPF9tRVdN0eF-pOlvmIxluTvcT92a9-y__GViBI6Y

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 14:39:25 GMT
AN-X-Request-Uuid: a1289c12-79ff-4cf0-84a0-35aaae6c31fe
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEP8iY3hzv3OUeJvoRsULzng&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 14BD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2MDIzNTc4MDc5OTQ2MzcyNg%3D%3D

170 B
243 B

47ms
46ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2MDIzNTc4MDc5OTQ2MzcyNg%3D%3D

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fc434bae-2d88-4ce3-8c39-806b9d7ed23d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2MDIzNTc4MDc5OTQ2MzcyNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D9E 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7962560859470&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D9E 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7962560859470&version=m202301230201&ct=77&x=1&cor=17661384981480319000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9D9E 15 KB
11 KB 73ms
72ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdPjzQLwYyIBOGJpoajOtv1YAJ0UgNEB_b63Zoln7sc3A--d6TS8J3NfepxUfuJ67tdEVaGJyLFDqpewUFOcKxokU3kurdPLCFxH1Ubwrm9aADZ0qOqy1zHqRdI6zhUdU5Urn5vNNFOpUzWLjSHwogCbIasAqljkyT13oIDT3eTUgBqMY&cry=1&dbm_d=AKAmf-DJRp-OSiegfc4tWAcisxEIofLh-54wqF7E8X0SBf15EtRsYLfNtm_mFfqVhwH3iDnafY8_RCXk-902qnoOUB1tZkU7Yy9mQTL47BhvZVrmWtdOc3EADU1SiDCwgeNk9KIhL7P2Hs8djx-bklSTEPBFjDFxqeszbE0i_QVjaEFu6yGUgsHmkY0Gjdbp-9jHNNAPlFzp9TV_gmo7EGLKRWujtoWxy5QfQY5YU__0_fgNRjezpUXCGsuzoXpNIkygwv2SJgSwtn6qxqBytsx7x9T00vlBK56FEgPsrKaMtb225nAIxZ7AKuZG0LiCssbBNuqL-CaHp4668qiGH8TuvuTIXWdOSZ9hYn_avVD8uH37REr8O-Tu4mdMcQNyY3Z7QonzHLXUrg8XMyYzXoKJ9ZuzYOUHwsczhsgwfUDEL4iYkJjQu1QXk2vp52jEkczBf_kQ45Pd1-2ibDe3z0omTOBap5iBCfJyJX5zU6ZcnmiEJQqKORGS-6SQEnNytItgk3BfKJANiP-lTtx_Uh-VMFGwHzvbGTF1DjVLq8FDqQ6g21GrmgQTX-T84Uyjh9qsie4aSmvsurABLi1RwUowQQFOKPgzr74AdgyF5QMNbTWToInL7E0Lw4Ste9HZV0BBrvNMVQxxRhpQPx4hhZpL34FEESdaXAwEPmzIwRfg1c-jv5fi4Pi3Hqozzw5ZqY6LXliPWN0lEU9XsR-qQPPkoPI5OjfWpBPSqDirCPC4dstwfqFjMAfFxcZ1gFcyGlwio6dxP-NGKaB5J0WBxD0vmFwDpOyRqi0y0VAviJ7eu985p2l0-pLOqzpkdXT-gP36u6cIeBC8SeEKr5eWj4BMKLn1yc4GLOVTBhyNTwfJlFr8iSj7ZaePfDrP378L19ROTl8ZIXZw6h-xg9QS-B_gsKgLU9_pLOBiJMQNmwDS5Gpe8qDK8VVAFRt6_tf8dZduHF4u2x37pSIAbo2ISeduStgsHrd8uuj9It5OfRkeOMEpLhr7AdoPVOotUNK-TR8s1HJOv86zwEr2gC5u9SXrZr1GMMjslNcC2JMZUICDciYHeork7FQ7LcsNZnDu5CQhWZ7J-_Lpa20-t_6cxTIjiP1BVPYgiRUCtU1yXZN1St8TEf0Eri6xgzzlbgIWwWjG5aKCMhjK23LoIeb9NK5WkFgcDFxEalqDHd3sgzXDk6s2LzN1-q5KUiAWJf61E_80YoVkx5DouYVWlCFVmCLOGCEQcoyYXo7b6nt6HtfaYcKBSIsIEANe_WoykkBJ26acd8yZCbSVWsdVh0X-ZCZSc63MF1YcPzTQHDiYYG8BZO2EVXWmEjRE3Zy5SBqCpsh02GN7ecblLzifDbY4uImtQlsuSw6B0v1Z-Oblc1daorWJ0ILshdPDKhDMwb8-e84VM6eLWln2xumBT4AQ_KsnZeLzIgGhpwsjr1jwf9CWhFm9SfPeunmiWTMBHVgFoKcI2wJguD9eSGt_GmKDtu3UZE39xgwpCxmmUf0O7ib6QcRPR0no8i_1p3XcvXZh5R2dIGlgmGzKIrCzIkb8bWfAHdas7vVXvr-5jDZ9_vYmwcXCNcfPMdXsOt_h_IOedgW_e0vY3KMf58KNlWAI9TsGSeG8LZm8ufz2EJjTXrP5sWCgyW3juh-uxKuGnr_auBxh5QA1du2xjc7TrsvWKOQ3iEkwyh5xpRR2FrpggjcDQZf3z0B7PdonC4fKFGMzy24j9qEkPlawEqygPvPFClWVi4LY6FXEBlsCqiK5c8sLIZPuxOef4Qw0cAH-FeUgTk9iptCg-mmu6qANMP-yni0ftzmYYXigOx68lwq8KyKL7PBITFnBwBeY6a1rju7mSP529Hddx-wwvaZyy77SiceUnqy9U6u3QwxukBdcFfH0qKnYhcZh2FTgE0sF9HcXQO0Ku2VTIGQGOsj0_Lpva7mXCWjTtbh5uJ5b6U665S38qeyqw6Y5c7MviaA78Hszo2hIjEgrbIimpEmvOz7NWnWx-BeSDeqGXqXJpus3KDCGne8vR-RsV62jvvcofD31236uxYGRpbtDZOheF8kttGxBmqoXOCjg8ps1TnmEI2P_8noakcsXcuphFiMymERuCwOkLsOvUOF8RP4By1C0ODbJ41B52F1IAW_vTbQ_MbsmtAr3H4d1y8vLIqKgayLM2MfwPLAxR1A8LXb6GqP_bwEV3Hu_baSxEztwLKO_IhXZWj3U8z6Uu7-c43ynU8C3gfAixhAkX8t_7mKTFaDKNrQYzJ45ccZ9ywXLk-O7iO9i9eb_IN43Ok5rwPo8tHejtItiHV16o-SfFI9VzbzrvMqSBvwMzmfUcVqRie03maAsmUohMTjp0yaGzrbrXH9a-ey_1mFFgCxxOEabhA85DnhS3K77XwJPRtLvdmFXVvXlInfeTlLE-xPYeZ4USMybZCpprTy9q9gwoZLj2-rKIa68C3RikWKFYBuNqSEoEn5Hr2uV69WHQMzmyt8whRFMKbPxK-JGSt58Shu65yKDZ0DDNPCT_DisWZ697TCx_TvZeBvn1UNJOd0Yrt7e8hPf5MYVT06GgvlBWxEDpfhnOsTS0K1KY1LMhaTk65sNuO97B3oNYBA0jwTjrRUwAv5oMnLaegky2BBndXjTsUKm9wcbRmB1zG62z_c91KZg5wFJnixoUpxDpuqQSAFFBrNBpyc8xsOULn2e6-BPajCWi2OzsMNGiH3EjkmJlCgkyPbY4X7LtbailpJBSO5FnR5QxAE8Oa1XelVsgeYG0njVQnHKbf-g9QSeMiYLZcd7QxW-YyKVBDUyTA64DNmEuHn883vlIuDy8zvfbV9atnyKSC-ZM-9zADrQwH3Fvw03dXqtNnT0tEzdnYPR_TRfZWi3LdkxB4bAqup3P_zrhikBCQST3nUSzG1NafV2MN2Duzo9llLFG9EmaJp1PmMSQkTQ6XIjoqsCmXGlGLL9FqkzJmcVYemv1KLcbNaO3dw_BZZFMHAkr_dCBw1YNVXpNgje8_YUGsGZLNLLzPDCBZs-sfdnvjLI_A8lma-Iy6S0BN39-LV-Syrl6bmXCUrLu2UljmoctAQhLQcEJ5dkrBteomrkrvkFo90YcdkZkiNxu5-Wa2ixn6RWv2nNrn6uVJakBL2HQ04hWWcR0Xoi7n7-Wweek5XwhbM0irm1u66XcQaqHWsdAwcDZsIL4V7SunjgrCH-DZtggOdn3JruKvJPMhAQPqAuye7oILRlk1g1Jw9LOqxXkkkcJxkYNJZVtosUoJnJnD3RM9lyLLukNCcmbh8IPe7Go9tCpCiaUJEGRJUoCG-XuKxMpcBhj86hAqU3eP6CJQTrDCXm0v2ONOAykhvrC4UZZVbNGnLiUNd7eXjjqjBNUV4BPoIusyyHspPwJ2W3oGJDSc8_-eq8VWkT-6CCcvb8f9BIF5SwfFVJd0mRp963s2MHGC8LYf2dqxv-tD4vZ3ukHpYv&cid=CAQSGwDUE5ymPNOEaO_TIf72PMvyjDV7IyRN4EecrBgBIBM&dv3_ver=m202301230201&rfl=https%3A%2F%2Fashley.cynic.al%2F&ds=l&xdt=1&iif=1&cor=17661384981480319000&adk=1761367587&idt=88&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c9e4f752dff8d9e2aeca1c10ed010c986a01b4b8c37c9d12d4c365fd03a8517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11335
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D9E 41 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdPjzQLwYyIBOGJpoajOtv1YAJ0UgNEB_b63Zoln7sc3A--d6TS8J3NfepxUfuJ67tdEVaGJyLFDqpewUFOcKxokU3kurdPLCFxH1Ubwrm9aADZ0qOqy1zHqRdI6zhUdU5Urn5vNNFOpUzWLjSHwogCbIasAqljkyT13oIDT3eTUgBqMY&cry=1&dbm_d=AKAmf-DJRp-OSiegfc4tWAcisxEIofLh-54wqF7E8X0SBf15EtRsYLfNtm_mFfqVhwH3iDnafY8_RCXk-902qnoOUB1tZkU7Yy9mQTL47BhvZVrmWtdOc3EADU1SiDCwgeNk9KIhL7P2Hs8djx-bklSTEPBFjDFxqeszbE0i_QVjaEFu6yGUgsHmkY0Gjdbp-9jHNNAPlFzp9TV_gmo7EGLKRWujtoWxy5QfQY5YU__0_fgNRjezpUXCGsuzoXpNIkygwv2SJgSwtn6qxqBytsx7x9T00vlBK56FEgPsrKaMtb225nAIxZ7AKuZG0LiCssbBNuqL-CaHp4668qiGH8TuvuTIXWdOSZ9hYn_avVD8uH37REr8O-Tu4mdMcQNyY3Z7QonzHLXUrg8XMyYzXoKJ9ZuzYOUHwsczhsgwfUDEL4iYkJjQu1QXk2vp52jEkczBf_kQ45Pd1-2ibDe3z0omTOBap5iBCfJyJX5zU6ZcnmiEJQqKORGS-6SQEnNytItgk3BfKJANiP-lTtx_Uh-VMFGwHzvbGTF1DjVLq8FDqQ6g21GrmgQTX-T84Uyjh9qsie4aSmvsurABLi1RwUowQQFOKPgzr74AdgyF5QMNbTWToInL7E0Lw4Ste9HZV0BBrvNMVQxxRhpQPx4hhZpL34FEESdaXAwEPmzIwRfg1c-jv5fi4Pi3Hqozzw5ZqY6LXliPWN0lEU9XsR-qQPPkoPI5OjfWpBPSqDirCPC4dstwfqFjMAfFxcZ1gFcyGlwio6dxP-NGKaB5J0WBxD0vmFwDpOyRqi0y0VAviJ7eu985p2l0-pLOqzpkdXT-gP36u6cIeBC8SeEKr5eWj4BMKLn1yc4GLOVTBhyNTwfJlFr8iSj7ZaePfDrP378L19ROTl8ZIXZw6h-xg9QS-B_gsKgLU9_pLOBiJMQNmwDS5Gpe8qDK8VVAFRt6_tf8dZduHF4u2x37pSIAbo2ISeduStgsHrd8uuj9It5OfRkeOMEpLhr7AdoPVOotUNK-TR8s1HJOv86zwEr2gC5u9SXrZr1GMMjslNcC2JMZUICDciYHeork7FQ7LcsNZnDu5CQhWZ7J-_Lpa20-t_6cxTIjiP1BVPYgiRUCtU1yXZN1St8TEf0Eri6xgzzlbgIWwWjG5aKCMhjK23LoIeb9NK5WkFgcDFxEalqDHd3sgzXDk6s2LzN1-q5KUiAWJf61E_80YoVkx5DouYVWlCFVmCLOGCEQcoyYXo7b6nt6HtfaYcKBSIsIEANe_WoykkBJ26acd8yZCbSVWsdVh0X-ZCZSc63MF1YcPzTQHDiYYG8BZO2EVXWmEjRE3Zy5SBqCpsh02GN7ecblLzifDbY4uImtQlsuSw6B0v1Z-Oblc1daorWJ0ILshdPDKhDMwb8-e84VM6eLWln2xumBT4AQ_KsnZeLzIgGhpwsjr1jwf9CWhFm9SfPeunmiWTMBHVgFoKcI2wJguD9eSGt_GmKDtu3UZE39xgwpCxmmUf0O7ib6QcRPR0no8i_1p3XcvXZh5R2dIGlgmGzKIrCzIkb8bWfAHdas7vVXvr-5jDZ9_vYmwcXCNcfPMdXsOt_h_IOedgW_e0vY3KMf58KNlWAI9TsGSeG8LZm8ufz2EJjTXrP5sWCgyW3juh-uxKuGnr_auBxh5QA1du2xjc7TrsvWKOQ3iEkwyh5xpRR2FrpggjcDQZf3z0B7PdonC4fKFGMzy24j9qEkPlawEqygPvPFClWVi4LY6FXEBlsCqiK5c8sLIZPuxOef4Qw0cAH-FeUgTk9iptCg-mmu6qANMP-yni0ftzmYYXigOx68lwq8KyKL7PBITFnBwBeY6a1rju7mSP529Hddx-wwvaZyy77SiceUnqy9U6u3QwxukBdcFfH0qKnYhcZh2FTgE0sF9HcXQO0Ku2VTIGQGOsj0_Lpva7mXCWjTtbh5uJ5b6U665S38qeyqw6Y5c7MviaA78Hszo2hIjEgrbIimpEmvOz7NWnWx-BeSDeqGXqXJpus3KDCGne8vR-RsV62jvvcofD31236uxYGRpbtDZOheF8kttGxBmqoXOCjg8ps1TnmEI2P_8noakcsXcuphFiMymERuCwOkLsOvUOF8RP4By1C0ODbJ41B52F1IAW_vTbQ_MbsmtAr3H4d1y8vLIqKgayLM2MfwPLAxR1A8LXb6GqP_bwEV3Hu_baSxEztwLKO_IhXZWj3U8z6Uu7-c43ynU8C3gfAixhAkX8t_7mKTFaDKNrQYzJ45ccZ9ywXLk-O7iO9i9eb_IN43Ok5rwPo8tHejtItiHV16o-SfFI9VzbzrvMqSBvwMzmfUcVqRie03maAsmUohMTjp0yaGzrbrXH9a-ey_1mFFgCxxOEabhA85DnhS3K77XwJPRtLvdmFXVvXlInfeTlLE-xPYeZ4USMybZCpprTy9q9gwoZLj2-rKIa68C3RikWKFYBuNqSEoEn5Hr2uV69WHQMzmyt8whRFMKbPxK-JGSt58Shu65yKDZ0DDNPCT_DisWZ697TCx_TvZeBvn1UNJOd0Yrt7e8hPf5MYVT06GgvlBWxEDpfhnOsTS0K1KY1LMhaTk65sNuO97B3oNYBA0jwTjrRUwAv5oMnLaegky2BBndXjTsUKm9wcbRmB1zG62z_c91KZg5wFJnixoUpxDpuqQSAFFBrNBpyc8xsOULn2e6-BPajCWi2OzsMNGiH3EjkmJlCgkyPbY4X7LtbailpJBSO5FnR5QxAE8Oa1XelVsgeYG0njVQnHKbf-g9QSeMiYLZcd7QxW-YyKVBDUyTA64DNmEuHn883vlIuDy8zvfbV9atnyKSC-ZM-9zADrQwH3Fvw03dXqtNnT0tEzdnYPR_TRfZWi3LdkxB4bAqup3P_zrhikBCQST3nUSzG1NafV2MN2Duzo9llLFG9EmaJp1PmMSQkTQ6XIjoqsCmXGlGLL9FqkzJmcVYemv1KLcbNaO3dw_BZZFMHAkr_dCBw1YNVXpNgje8_YUGsGZLNLLzPDCBZs-sfdnvjLI_A8lma-Iy6S0BN39-LV-Syrl6bmXCUrLu2UljmoctAQhLQcEJ5dkrBteomrkrvkFo90YcdkZkiNxu5-Wa2ixn6RWv2nNrn6uVJakBL2HQ04hWWcR0Xoi7n7-Wweek5XwhbM0irm1u66XcQaqHWsdAwcDZsIL4V7SunjgrCH-DZtggOdn3JruKvJPMhAQPqAuye7oILRlk1g1Jw9LOqxXkkkcJxkYNJZVtosUoJnJnD3RM9lyLLukNCcmbh8IPe7Go9tCpCiaUJEGRJUoCG-XuKxMpcBhj86hAqU3eP6CJQTrDCXm0v2ONOAykhvrC4UZZVbNGnLiUNd7eXjjqjBNUV4BPoIusyyHspPwJ2W3oGJDSc8_-eq8VWkT-6CCcvb8f9BIF5SwfFVJd0mRp963s2MHGC8LYf2dqxv-tD4vZ3ukHpYv&cid=CAQSGwDUE5ymPNOEaO_TIf72PMvyjDV7IyRN4EecrBgBIBM&dv3_ver=m202301230201&rfl=https%3A%2F%2Fashley.cynic.al%2F&ds=l&xdt=1&iif=1&cor=17661384981480319000&adk=1761367587&idt=88&cac=0&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:54:57 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/2/199096;7046946;201;js;RecognifiedDE;PBRecognifiedCCRONCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOLandscapeRechargerTSADASPD/ Frame 9D9E 2 KB
1 KB 191ms
35ms Script
text/javascript 104.96.137.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/2/199096;7046946;201;js;RecognifiedDE;PBRecognifiedCCRONCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOLandscapeRechargerTSADASPD/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230125%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-4486686147071812%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26xpc%3DBntmIqS3BN%26p%3Dhttps%253A%2F%2Fashley.cynic.al&gdpr=&gdpr_consent=&cachebuster=884494.111869434

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.96.137.173 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-137-173.deploy.static.akamaitechnologies.com

Software

prod-xre-app11.frk11 /

Resource Hash

44cfb53f8f07e00d2cf7353234880f139683fef30d4375ab131f1a58e5f157d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app11.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 791
Expires: Tue, 31 Jan 2023 14:39:25 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 30B0 22 KB
8 KB 23ms
23ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 190155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js Show response
pagead2.googlesyndication.com/bg/ Frame 30B0 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 497893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:12 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30B0 0
20 B 58ms
58ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-ux6HSjZY62QFuCPjuwPyuSiyAYAAAAAOAHgBAI&bg=!SkmlSQ3NAAbFy4Ck5cs7ACkAdvg8WndnAYUWaXymXMhc7RxUfl2tFphI07O1rSldx1c-k59fYQfljAIAAABEUgAAAAJoAQcKAAHDmQL8s2fI3xQrpSTTFjMIwCsubFANPo5xrgXkJSUEu65WeFJ56olzyhp2Yivh8G_pJa23Q7iDyfJMtqRUT1OIsy4_ZfORUZR-kSJp2I2HZIeMVrozzoeRS4pRSjCfYbZGEmVBziTl6Bz4BL64APpzQDqYMGm1VUod3Vs2gwKfsRtGb3BKwhXfpbBv7KLMpIf7TwcYS206dMBxtgvMxjbLn3X8e-EzXaGb72BlaXMoNXYRpbwUiBBq09MAcZ5MduwKv-iBn4e47h1ghdIjySH4y_xY8Nxz91vU1-6RimQ3NeOj_9kpua5JehB0vkslqFGkkvGWxEJDHi39SVSs9BXx3n_md_sAPUaePvpdG7SFCBVD85c-mNEwYoLfVK2jgBvvT4rE0Cddw6W3P-TcQfyPTpQr0c1n2o--MBJP-B4gMhW026Y7bTTNklB5hKexuinMHG_prALLMxE9yRblrY84RDOnYZYv6V1esK57E5CHIuvP4LmMc2mle-lqGw3SjnzF73knBkXd-mzG6E0RgDWCsJSyWFbaRTw_WlvYaPLm-HfDx4SnHREcUVEJRlh6e__j3Ka3iU2Yyckase3nMpaHcY2taJKFrNDWjshG5N-Cyigft-RljOzud4CqVzD-Qh3huaSbTwwCsZCp0yfwCvkUSv9L0cVp17kprBs1oJeNuRWGdp0upE9qMhSr7zK-krKAK1QJDFE3WPbFDOAHCbuZMbuZ4Dc1xfJZgCMIpZyiPe8yD67AquMndd55klT2RwPtt2OY4FNrLHm6EOhBi2xLElKBQWLaQSumAhSjK_nmvEh8Oz_g1GkSRg1Qmqv6PBescL1DCsqc5kxoZzSRrDWlPoE6o43WeGpVVHlxK5DvJ0rl5Js1TeV_oxXqJFdqlJtxJoDG8OAbvJIBxwjxOJkVBk2LLnxr4pGvKfg6Ye24Trf9e46pz9M_qtlacwIuCEOP_CD_O-at_sEIz7n7IR91YeSmMcWDXny-UgnmuixibQRVtFntYE5ZOt6OMGsAUWs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK j-7046946-4168642.js Show response
cdn.flashtalking.com/xre/704/7046946/4168642/js/ Frame 9D9E 86 KB
21 KB 101ms
11ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/704/7046946/4168642/js/j-7046946-4168642.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/199096;7046946;201;js;RecognifiedDE;PBRecognifiedCCRONCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOLandscapeRechargerTSADASPD/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230125%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-4486686147071812%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26xpc%3DBntmIqS3BN%26p%3Dhttps%253A%2F%2Fashley.cynic.al&gdpr=&gdpr_consent=&cachebuster=884494.111869434
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2473828306f3c31cc1d280ccca23c582718f0adcdbf4b15a90b6cb5770b5289c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
x-amz-request-id: 9K7XER50RN9Z41PW
Connection: Keep-Alive
Content-Length: 21290
x-amz-id-2: eJ3tMcnNRSjiBzGJA/QA3niTmOCePOklE2t6uq7/Ux1BQorQ2G9uzqsKYFnIJqjWCT3VPa1silI=
Last-Modified: Mon, 02 Jan 2023 14:46:35 GMT
ETag: "1672670795"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop051.fr8.t,1675175965.cds156.fr8.shn,1675175965.dop051.fr8.t,1675175965.cds106.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=153
Accept-Ranges: bytes

GET
H/1.1 200
OK main.html Show response
cdn.flashtalking.com/174125/4168642/ Frame BA73 5 KB
2 KB 12ms
11ms Document
text/html 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/174125/4168642/main.html
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/704/7046946/4168642/js/j-7046946-4168642.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: efe6f800f7f05f321e0c9f6bc3b5ed8f05f6a4956c7dad957b9bc54b71d5eecd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=153
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1200
Content-Type: text/html
Date: Tue, 31 Jan 2023 14:39:25 GMT
ETag: "1671717993"
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
X-HW: 1675175965.dop051.fr8.t,1675175965.cds156.fr8.shn,1675175965.dop051.fr8.t,1675175965.cds235.fr8.c
x-amz-id-2: klzinNMOdUYeoGXpBfIhZA/uxm4xRvlMIj81RIw6cudO81ErjPrxq6nfUdQ+/RHsIqMXhlvedTg=
x-amz-request-id: KK75ZR8GQR50RX1Q

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame 9D9E 17 KB
6 KB 18ms
7ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/704/7046946/4168642/js/j-7046946-4168642.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
x-amz-request-id: 0VY6DPPXJ6JFS55V
Connection: Keep-Alive
Content-Length: 5535
x-amz-id-2: K+UhqBvL1rOuYLr0nVqeuU5g8Iva4Qsr305l1MCO5I6PHbZM6drzq2xRNDkvCXy1IElq+1+aoYM=
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
ETag: "1667577585"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop051.fr8.t,1675175965.cds156.fr8.shn,1675175965.dop051.fr8.t,1675175965.cds235.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=6063
Accept-Ranges: bytes

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 9D9E 60 B
60 B 143ms
18ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=57&extProvApi=128875&extPu=15874&extLi=199096&extPm=7046946&extCr=4168642&rnd=710235826

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 31 Jan 2023 02:39:25 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 977
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 9D9E
Redirect Chain

https://red.vtracy.de/img.tr?tr_adid=k199096_s15874_p7046946_c4168642&tr_div=ftdiv7046946&tr_sync=true&tr_mid=5509165A9EE61A&gdpr_consent=&gdpr=&tr_uid1=FT&&t=270865781
https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&adid=k199096_s15874_p7046946_c4168642&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=fal...
https://red.vtracy.de/tr_cm?v3=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&adid=k199096_s15874_p7046946_c4168642&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1675175965788&tamgdpr=&tam...
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609%26adid%3Dk199096_s15874_p7046946_c4168642%26userId%3D%25%25COOKIE...
https://red.vtracy.de/tr_aa?v3=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&adid=k199096_s15874_p7046946_c4168642&userId=7194825984773388436&tr_timestamp=1675175965848&tr_run=false&tr_ttd=true&tamgdpr=&...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&gdpr=&gdpr_consent=&request_uid=Y9koHQdJf7UCsZNYh0UxiwAAAAs

70 B
265 B

118ms
30ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&gdpr=&gdpr_consent=&request_uid=Y9koHQdJf7UCsZNYh0UxiwAAAAs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 31 Jan 2023 14:39:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Server: Apache
Vary: negotiate
Content-Type: text/html; charset=UTF-8
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609&gdpr=&gdpr_consent=&request_uid=Y9koHQdJf7UCsZNYh0UxiwAAAAs
TCN: choice
Connection: keep-alive
Content-Location: tr_aa.tr
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame 9D9E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd1a68d112abe11d88c93eeb3a46174a736723b033980c45d3a7df312cca92c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK style.css
cdn.flashtalking.com/174125/4168642/css/ Frame BA73 5 KB
2 KB 10ms
9ms Stylesheet
text/css 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/174125/4168642/css/style.css
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/main.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6dda262e1c3d0d36c0227a3b1f42294c2fda4115c3a1f02c9cc4a042d7eed312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/main.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
x-amz-request-id: KHTVANZ12CYX1MTA
Connection: Keep-Alive
Content-Length: 899
x-amz-id-2: v+koloMcjAZQS6a2BF2W7cwPUBEvfYBdslWAkdlEUtqKZSPtPg5w/Ky2tyjcHZZQzFNdDfocxZU=
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop051.fr8.t,1675175965.cds156.fr8.shn,1675175965.dop051.fr8.t,1675175965.cds005.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=153
Accept-Ranges: bytes

GET
H/1.1 200
OK gsap.min.js Show response
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame BA73 56 KB
23 KB 9ms
8ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/gsap.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/main.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/main.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
x-amz-request-id: YPTPY3R3GKEJAAR7
Connection: Keep-Alive
Content-Length: 22785
x-amz-id-2: iygj+11myJS0tWnkT7gUAQhSDRVEDnitr7bdf9i2A2APSFimNoWPJYROBYo21p/vrWEEcPIhV94=
Last-Modified: Tue, 28 Jan 2020 18:56:48 GMT
ETag: "1580237808"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop007.fr8.shc,1675175965.dop007.fr8.t,1675175965.cds151.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=23879
Accept-Ranges: bytes

GET
H/1.1 200
OK EasePack.min.js Show response
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame BA73 2 KB
2 KB 17ms
7ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/EasePack.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/main.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 06a7a4aaf7d24fe25c456fd70efb10c13a63b0dc9563de6f9278e57ffeaf1549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/main.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
x-amz-request-id: SRMEE5146YE2VJGV
Connection: Keep-Alive
Content-Length: 1370
x-amz-id-2: TNYV2uUBI3bV0OgyN2l0DkkQcJu+O6LgQ5QIzznChRGBNGrtcFfH5K/ibU1R7t9vPLJ05RnPgys=
Last-Modified: Tue, 28 Jan 2020 18:56:48 GMT
ETag: "1580237808"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop051.fr8.t,1675175965.cds156.fr8.shn,1675175965.dop051.fr8.t,1675175965.cds005.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=66212
Accept-Ranges: bytes

GET
H/1.1 200
OK TextPlugin.min.js Show response
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame BA73 10 KB
4 KB 21ms
8ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/TextPlugin.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/main.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 896065599d162442f45106ffece970d68db172c0b8f671c4cf3c4560ba381525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/main.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
x-amz-request-id: 9C4DC4502F28V644
Connection: Keep-Alive
Content-Length: 3468
x-amz-id-2: Wh78S2YXVnrsN1IB4W5TtWQqT6rEXPw58uBY0z57vXRNjHOMUNzcWR85dMm8XjNQ10+kfOCWwoU=
Last-Modified: Tue, 28 Jan 2020 18:56:48 GMT
ETag: "1580237808"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop230.fr8.shc,1675175965.dop230.fr8.t,1675175965.cds277.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=51625
Accept-Ranges: bytes

GET
H/1.1 200
OK html5API.js Show response
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame BA73 89 KB
29 KB 20ms
8ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/main.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/main.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
x-amz-request-id: 3TCBS060WZS3K5YE
Connection: Keep-Alive
Content-Length: 28626
x-amz-id-2: y/KMo9ui0cDzLsCXZOUlDzNSucIUxeesscyZCCI1GaXpCTMKX7RPBEeKdCCe8DoJT5JY+vbRK4k=
Last-Modified: Mon, 15 Aug 2022 14:14:24 GMT
ETag: "1660572864"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop004.fr8.shc,1675175965.dop004.fr8.t,1675175965.cds158.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1059
Accept-Ranges: bytes

GET
H2 200 /
ad-events.flashtalking.com/state/7046946;4168642;0;271;DE3A2928-DFA0-ACAF-D8B5-712C2C12EC29/ Frame 9D9E 0
67 B 217ms
21ms Image
text/plain 18.134.217.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7046946;4168642;0;271;DE3A2928-DFA0-ACAF-D8B5-712C2C12EC29/?cachebuster=54623314
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.217.143 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-217-143.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:25 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 9D9E 1 B
377 B 190ms
26ms Image
text/plain 92.123.36.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?225178268-7046946;4168642;0-304-0-5509165A9EE61A-528154207
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.89 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-89.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 14:39:25 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 31 Jan 2023 14:39:25 GMT

GET
H/1.1 200
OK hg1.jpg
cdn.flashtalking.com/174125/4168642/images/ Frame BA73 28 KB
29 KB 10ms
10ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/174125/4168642/images/hg1.jpg
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: cf6aca4d69658e6be224bd3b542cc92c2802a34fbbcdcf49d4a67ad9af33889e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
x-amz-request-id: 51640JG858GYW5HS
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop004.fr8.shc,1675175965.dop004.fr8.t,1675175965.cds280.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=153
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 28695
x-amz-id-2: ySooEk0JLLdnjpi6CIj7WSCwot6iJCyp5fVR1EW+IvFgf9jXcuk3A+Pz8EvZj5jf3IRJ7DVSfCU=

GET
H/1.1 200
OK hg2.jpg
cdn.flashtalking.com/174125/4168642/images/ Frame BA73 26 KB
26 KB 11ms
9ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/174125/4168642/images/hg2.jpg
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: cd9832da1376a347fc65a01d53fdb7022548ff8f4cc539b7cf0501b4d566da3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
x-amz-request-id: G8FG8BHWXR93Z1Q5
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop230.fr8.shc,1675175965.dop230.fr8.t,1675175965.cds271.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=153
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 26197
x-amz-id-2: MyWK4TwJkZG6OTDE+bKjxjL9ecObwxuZe+GMjIbiYZDeIxBwg4ZgVAV/e0WcJeeSpM5CY6Y7WiU=

GET
H/1.1 200
OK logo.svg
cdn.flashtalking.com/174125/4168642/images/ Frame BA73 7 KB
8 KB 10ms
9ms Image
image/svg+xml 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/174125/4168642/images/logo.svg
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6654a63b00bdd0bf9d5826c7ab72a84f9e5647ecd6c2ace67503456319b1838e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
x-amz-request-id: 516D0VE26ZR4P9RQ
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop051.fr8.t,1675175965.cds156.fr8.shn,1675175965.dop051.fr8.t,1675175965.cds146.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=153
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7500
x-amz-id-2: QnL1jlvw94/Yfc8S4blNvWziQx1NcBbWuWOfBCIIGDmq7JhI3PC5xcUtnQs6YExb/sSB26M/8Lk=

GET
H/1.1 200
OK copyphase1.svg
cdn.flashtalking.com/174125/4168642/images/ Frame BA73 5 KB
6 KB 14ms
12ms Image
image/svg+xml 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/174125/4168642/images/copyphase1.svg
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 8480f18e1c0c46bfedd2db03e63ee6a6c4ce12e4e65b4b88eb512e9afb509236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
x-amz-request-id: 516051MEWJ0J7SJV
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop007.fr8.shc,1675175965.dop007.fr8.t,1675175965.cds013.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=169
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5340
x-amz-id-2: WWycwlYLuWYIPSo6/u7Z4SfeCH45ExmuL+5AWwd9eIJ9JQhw6qagc5EJ0aFviQCAc7EI2Ko1fys=

GET
H/1.1 200
OK copyphase2.svg
cdn.flashtalking.com/174125/4168642/images/ Frame BA73 23 KB
23 KB 9ms
7ms Image
image/svg+xml 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/174125/4168642/images/copyphase2.svg
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7aa99a2290918fcff531736ac51130ef187314c43bd03d670a856254d98e3610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
x-amz-request-id: 5162SJC6Y4EMGNKP
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop221.fr8.shc,1675175965.dop221.fr8.t,1675175965.cds168.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=153
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 23257
x-amz-id-2: X2UFc+b+0N6aaGRBiAKqj6wrFrxymq3AendQNtp9qi3xQSPsj+U5hH6Yu45q1cwZNpWL7f2rPKo=

GET
H/1.1 200
OK cta.svg
cdn.flashtalking.com/174125/4168642/images/ Frame BA73 5 KB
6 KB 20ms
9ms Image
image/svg+xml 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/174125/4168642/images/cta.svg
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 5f188bd596926e30a865819ba8e19e526f0c4ad77babe539688b7bb905b8faed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
x-amz-request-id: 5167GFPRR5PDVMXF
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop051.fr8.t,1675175965.cds156.fr8.shn,1675175965.dop051.fr8.t,1675175965.cds317.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=169
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5238
x-amz-id-2: Q6MEnlGVnY+v5kBOE0xRbL24zYuCBkjFKkhWZICqfXZezDxZpQrRHxxZWn1NuYIpRNoJ+wfI4JU=

GET
H/1.1 200
OK pb.svg
cdn.flashtalking.com/174125/4168642/images/ Frame BA73 3 KB
4 KB 20ms
10ms Image
image/svg+xml 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/174125/4168642/images/pb.svg
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 9bc037bd21b64c738431daeb5b7657d4f87039a1fa5dfffb5b7ffaa8c2e5ae31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
x-amz-request-id: 516BT4KVPV357CDZ
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop004.fr8.shc,1675175965.dop004.fr8.t,1675175965.cds204.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=169
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3496
x-amz-id-2: +l7UPn6IwGpHs1VWl08Lvk5MQ9i46HuV9L70yoAqRueuaWhrIaZvZ1mNc0e2obKxu4Bj0s660Ck=

GET
H/1.1 200
OK tag.svg
cdn.flashtalking.com/174125/4168642/images/ Frame BA73 16 KB
6 KB 20ms
8ms Image
image/svg+xml 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/174125/4168642/images/tag.svg
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/174125/4168642/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: f9299e6a9b1a3106e1489f974221459cf31a78258192b00cf9653f6a9df4b290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
x-amz-request-id: NFM9YCZJ45NS8N7B
Connection: Keep-Alive
Content-Length: 5583
x-amz-id-2: +VA8l01NkvDAdKPJWJHaUYwXClgNw6+LMopQ2cTbEJ0DIpfRNPDcYoL2iKxsABPcznWHSJppsa4=
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop240.fr8.shc,1675175965.dop240.fr8.t,1675175965.cds228.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=169
Accept-Ranges: bytes

GET
H/1.1 200
OK manifest.js Show response
cdn.flashtalking.com/174125/4168642/ Frame BA73 113 B
804 B 9ms
9ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/174125/4168642/manifest.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 0f16f24b66ab2f8d364f360596dd838468383673c7d67a7cb8c0886b121d7f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.flashtalking.com/174125/4168642/main.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 14:39:25 GMT
Content-Encoding: gzip
x-amz-request-id: 5164HQ0C0XYNVD7B
Connection: Keep-Alive
Content-Length: 126
x-amz-id-2: a1l6pxHTHLsz13669EUL2Rr4FOJbFiqTAaDN4LVYw88LRFMXHjEhDmOsmC6SwTECOMM1RZ9TNyQ=
Last-Modified: Thu, 22 Dec 2022 14:06:33 GMT
ETag: "1671717993"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-HW: 1675175965.dop007.fr8.shc,1675175965.dop007.fr8.t,1675175965.cds167.fr8.c
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=169
Accept-Ranges: bytes

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 9D9E 1 B
377 B 94ms
23ms Image
text/plain 92.123.36.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?225178268-7046946;4168642;0-306-0-5509165A9EE61A-350787737
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.89 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-89.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 14:39:25 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 31 Jan 2023 14:39:25 GMT

GET
H2 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame 9C79 9 KB
5 KB 87ms
22ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=1573534164&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964479&bpp=1&bdt=203&idt=219&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=1147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JMkQBWltF0&p=https%3A//ashley.cynic.al&dtd=222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 22:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 22:49:54 GMT

GET
H2 200 e3e8eddeb081af60d8fc39f5a1ec9466.js Show response
www.gstatic.com/mysidia/ Frame 9C79 150 KB
56 KB 89ms
24ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3e8eddeb081af60d8fc39f5a1ec9466.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16bbae6d85d0863c5b25df395868e6edd5df6b04fe6dc682170ed1a985034ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 05:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56839
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 17:52:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 May 2023 05:47:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9C79 4 KB
912 B 47ms
46ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 14:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 12:41:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 14:39:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9C79 2 KB
765 B 25ms
25ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:27:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 14:27:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 9C79 22 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:27:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 14:27:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9C79 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:53:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9C79 18 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:53:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C79 157 KB
48 KB 115ms
114ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:39:25 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 9C79 33 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 May 2023 14:27:12 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9C79 21 KB
22 KB 111ms
26ms Image
image/jpeg 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSS1ubIeE7nmAUTyRFnB6HLDCOPy5WEENAJmp5LlHF4j9XAZ-H5Egnavp5ZCQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264ffe9589d2f8b8a16da8fac1a4a5a7286c6bb57173ae506ed7a437433601d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:19:04 GMT
x-content-type-options: nosniff
age: 84022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21968
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 05:08:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 Jan 2024 15:19:04 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9C79 16 KB
17 KB 103ms
24ms Image
image/jpeg 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSVaD__El1kyCTWkj0TFF-9pct-1CrTVtXvhZCjAI1BmuTwAce9rjTbBJQZB_0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc6252382a2afc1954de24f632eab06bc4c5c4bed650c8d244b54743eb42bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 02:07:01 GMT
x-content-type-options: nosniff
age: 304345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16468
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 06:59:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Jan 2024 02:07:01 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9C79 13 KB
14 KB 134ms
49ms Image
image/jpeg 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQt_vzd59wdxjncx5gz478or2F87INLTu7bgknPSiZ7oLnjJF7SI2GqfQmR2Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e8ed9d9b37ee6fc6b09218af73de7b7c11091fe9ad32601c449a67e30d2ad2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 20:17:40 GMT
x-content-type-options: nosniff
age: 66106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13718
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 16:07:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 Jan 2024 20:17:40 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9C79 20 KB
21 KB 109ms
30ms Image
image/jpeg 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRqePzUvIUI64Dy8d3xr5Q2YfvkN5WdUyXivKA_SQxZmfW-W0Ffn22E-wymSkg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400f13f71693508962470ecbebed7a9e70f745194c53a61f0af35d526d4cb8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 18:03:20 GMT
x-content-type-options: nosniff
age: 74166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20899
x-xss-protection: 0
last-modified: Sat, 12 Mar 2022 01:26:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 Jan 2024 18:03:20 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9C79 13 KB
13 KB 129ms
28ms Image
image/jpeg 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRGVZ9NbGXElp7Td7wjspxhYAUqKNbD1mquSAawNSOORI0vcrqNhHigYWd-oyI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a5bbcbfe41df44d5adaeaff5cd91727665f8f8077eb937f05087feb15dbe273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 18:22:52 GMT
x-content-type-options: nosniff
age: 159394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13278
x-xss-protection: 0
last-modified: Sun, 10 Jul 2022 08:29:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 29 Jan 2024 18:22:52 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9C79 18 KB
19 KB 112ms
27ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTTEeYPeNt5bFxR7NQnhCtQXPv_oKEuKeQ-Cp9lzeLOJm6FenPVuJBNhuaike4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6be2e9489327d4095f0ee751d8c6fd3818470af079cf65464211fbe554aa87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 18:04:51 GMT
x-content-type-options: nosniff
age: 419675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18916
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 02:52:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 26 Jan 2024 18:04:51 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9C79 21 KB
21 KB 120ms
35ms Image
image/png 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ6VFXeHyJ7gvSjPrO9WKPRNfvOFgfjrDZNailwVxjT2HR8xkt6&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 18:21:47 GMT
x-content-type-options: nosniff
age: 73059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21587
x-xss-protection: 0
last-modified: Wed, 10 Jul 2019 07:52:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 Jan 2024 18:21:47 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9C79 0
234 B 333ms
134ms Ping
image/gif 2a00:1450:4028:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ldkcinv7&c=3116925233378&slotId=1558462616689&qqid=COr9weKE8vwCFS1IHgId3pIJNQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e3e8eddeb081af60d8fc39f5a1ec9466.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4028:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/CypXBL-XD_g/ Frame 9C79 8 KB
8 KB 143ms
27ms Image
image/jpeg 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/CypXBL-XD_g/hq1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe7488df0deba68b287be3e820ddf96ec3c49c2adab239675a48994b0a768ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:36:00 GMT
x-content-type-options: nosniff
age: 206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8072
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 16:36:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9C79 0
0 66ms
66ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeaIOHCjZY-r_LK2Q-cAP3qWmqAPb3PG5bvuRk92JEebm_6ucMhABIKDBqgVglYKAgLAHoAHwvcb2A8gBCakCv9hpvxU0sj6oAwHIA8sEqgTQAU_QaZXWjmRQjQZz2qVXYHFDNgZOnzj1SwsrKJsGIwNZq6o53kq8HjcVNb3unRPshJB1y8r4TycaGIk6DyZZGlNu4mR0_xwxg9YJFbbYyVo-eUPIMTOCf_jXXElKGxubfFXSeS_q6cSIJs3jeVzKPvgNyBKA6T47lqO7kiuQQJIsp9cqhYw5HmOLFSxuocci-TnctPOxa-L0aBv1GkG0QwwkNZThaO0zMST3vLXASqSwi20v6Brx__iGoClANHFbxD6JVg6-F5FUOzL7Ta-jqjDABK-u0NGLBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf4wbkJqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJXgE9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTQ0ODY2ODYxNDcwNzE4MTIYAA&sigh=_1BOCk1JDRY&uach_m=[UACH]&cid=CAQSGwDUE5ymN-Tx6JnvYQSkgI_uUNCWCP78tdhziRgBIBM&template_id=499

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=1573534164&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964479&bpp=1&bdt=203&idt=219&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=1147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JMkQBWltF0&p=https%3A//ashley.cynic.al&dtd=222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 14:39:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9C79 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adb57b7f63baa3c469a5ebcc67f987f95850e3372c6b409433b90d2e0562b548

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 9D64 6 KB
672 B 48ms
47ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 14:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 14:38:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 14:39:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9D64 2 KB
765 B 26ms
25ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:27:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 14:27:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 9D64 22 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:27:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 14:27:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9D64 3 KB
1 KB 29ms
27ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:53:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9D64 18 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:53:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D64 157 KB
48 KB 84ms
84ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:39:26 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 9D64 33 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 May 2023 14:27:12 GMT

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-n02xgoxufvg3-2gbs.googlevideo.com/ Frame 9C79 787 KB
787 KB 165ms
16ms Media
video/mp4 2a01:28:cb6:3::c
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-n02xgoxufvg3-2gbs.googlevideo.com/videoplayback?expire=1675204765&ei=HSjZY5LtL4fzyQW8_7XYCQ&ip=2a02:6ea0:c71b:0:1012:799b:71b6:e1e2&id=0b2a5704bf970ff8&itag=18&source=youtube&requiressl=yes&mh=Hh&mm=31&mn=sn-n02xgoxufvg3-2gbs&ms=au&mv=m&mvi=1&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=21.455&lmt=1665457021026105&mt=1675175346&txp=4530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIge4L2akkHyJxsCgJ0kf8RHi_1jOk8W9gLv_5iKoO45wICIQDt5y7GrYpTdu1ZNORHLBD0adUZYWVq-N7XXa7Of_SiDw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALzwz5pu3VHKig8Pc4ZxnCHfmXUbQ6LgyRvfzEwyVly6AiBC7LpvRAc5OiUNUfRvMEE-ZpH3u1LUEn6dp-dUQbEU7g==&cpn=UeeKPxSNfxDv4McB

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:28:cb6:3::c Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5a7bf88a98461fddcfaa7d962b42df3e8c761870ee1955b38c2d5f043f0b8160

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 31 Jan 2023 14:39:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Oct 2022 02:57:01 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-805467/805468
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 805468
Expires: Tue, 31 Jan 2023 14:39:26 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9C79 17 KB
17 KB 23ms
22ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 04:48:19 GMT
x-content-type-options: nosniff
age: 208267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 04:48:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D64 0
0 64ms
64ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs_cfHCjZY4nNLNKM-cAPxauv6ArNwNexbuj575SqC9nZHhABIKDBqgVglYKAgLAHoAG91LLMA8gBCakCv9hpvxU0sj6oAwHIA8sEqgTQAU_QSLzTmCaJRdqip9w_Bp8-CBrzH1v5oZuPP3GgfsoVktV8Qbu3k-9GdxceszXZCnDrmetvanuXMrJlbblkBI-d8Cf8VpeNI4yXmpMRQ5QuiCVR69knnIBhR25StAl2a9qJe66KbAaoZgXAl4enaCScEBK0jsmMvLwG91Rz6mc9NVbbKCpB5sk1vuhg_7Zp5XkbePikfVnGr2_tO-v7l75oUw_r38Tb6iRNBWArzZZDGcqefP-ncxsEk4dPY-TWkUmKWE2wje_H9RlzTNpdo7XABIaalcjmApIFBAgEGAGSBQQIBRgEoAYugAerq80zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-Yso0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQI0BUBgBcBshccChoIABIUcHViLTQ0ODY2ODYxNDcwNzE4MTIYAA&sigh=6Gw2Pj1Otig&uach_m=[UACH]&cid=CAQSGwDUE5ymB8fwyYg2FzKHizeHi17S2Jw4wOFDrhgBIBM&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 14:39:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11316280931932632950/ Frame 9D64 3 KB
4 KB 68ms
68ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11316280931932632950/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84547515a6e14b2e05a9fe95cc546bf675b7631bb5ca51eba111d72b4447270d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:26 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3576
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 14:09:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 14:39:26 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9315118889271181551/ Frame 9D64 1 KB
1 KB 89ms
89ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9315118889271181551/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

085ee4a2d083f202c561812ca3bc8b26147656c582efa170d5de0ff907a5dd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:26 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1196
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 11:15:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 14:39:26 GMT

GET
DATA 200
OK truncated
/ Frame 9D64 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7a15051d0b1f5cfc22e729b3a24d733b0e6e0429b4fdcdccfefed4e3ff4d675

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D64 15 KB
15 KB 29ms
26ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 01:58:46 GMT
x-content-type-options: nosniff
age: 477640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 01:58:46 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D64 15 KB
16 KB 32ms
29ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 575381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 22:49:45 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D64 15 KB
15 KB 44ms
42ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 11:48:56 GMT
x-content-type-options: nosniff
age: 96630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 11:48:56 GMT

GET
H3 200 2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js Show response
pagead2.googlesyndication.com/bg/ Frame 08E3 36 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4486686147071812&output=html&h=280&slotname=7721001493&adk=2419587748&adf=3025194257&pi=t.ma~as.7721001493&w=1200&fwrn=4&fwrnh=100&lmt=1675175964&rafmt=1&format=1200x280&url=https%3A%2F%2Fashley.cynic.al%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675175964477&bpp=2&bdt=201&idt=213&shv=r20230125&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6704641871425&frm=20&pv=1&ga_vid=425902889.1675175965&ga_sid=1675175965&ga_hid=1409964257&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071546%2C31071581%2C31071811%2C31071947%2C44779794%2C44782816%2C31071260%2C21065725&oid=2&pvsid=3230512511855974&tmod=110625593&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eXazdS7NIk&p=https%3A//ashley.cynic.al&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 497894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:12 GMT

GET
H2 200 share_button.php Show response
www.facebook.com/v2.4/plugins/ Frame 6C1A 42 KB
16 KB 145ms
73ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.4/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df343d4872a882c8%26domain%3Dashley.cynic.al%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fashley.cynic.al%252Ff312f8f857e02d%26relation%3Dparent.parent&container_width=1520&href=https%3A%2F%2Fashley.cynic.al%2F&layout=button_count&locale=en_GB&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=acb8436607d0e2880f029328438e33e5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56abbd384616518947008f2fde81a97c7258f5ace67ead53996c0d3717174698

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ashley.cynic.al/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:39:26 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: YGYj/YS54tI6PxPibu2i9Yq/EtKjnU+I8i0HW89Fx9JbMDr2qeNDC1uQTQrDlEnDxQpm0JzSOX9CkAfuasze2w==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 148ms
71ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230125&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38da56fff19dd1ef991dbf88143bc8e56bce50658e291cb0df0bd2e57f1e6e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11046
x-xss-protection: 0

GET
H3 200 2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FB6 36 KB
14 KB 37ms
35ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 497894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:12 GMT

GET
H2 200 GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 6C1A 272 B
530 B 8ms
7ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.4/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df343d4872a882c8%26domain%3Dashley.cynic.al%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fashley.cynic.al%252Ff312f8f857e02d%26relation%3Dparent.parent&container_width=1520&href=https%3A%2F%2Fashley.cynic.al%2F&layout=button_count&locale=en_GB&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:26 GMT
x-content-type-options: nosniff
content-md5: lIjeC3eJAboxVqIOEs/Auw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 272
x-fb-rlafr: 0
x-fb-debug: 1eSxMFmXxsqLo+j7xOH2MKib8aMIGXK5M4zlBojZYMyWscpPqmw1jHN3VhdIsaV/5VkNJ5yhMLIn9LEhwY38mg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 23 Jan 2024 07:57:08 GMT

GET
H2 200 n--GFn3O0Pn.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/ Frame 6C1A 526 KB
135 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yV/l/en_GB/n--GFn3O0Pn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efc2109acfbfa64d0a0fcf530d507348dccb5f6973c486fe0ccf001acf8f0262

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dX8sces8ormj/u0cPc0lJQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 138237
x-fb-rlafr: 0
x-fb-debug: EVWcM4bgaV+l0PG701yjalTAzuzeg0AS0OSTYYIZeNPP+FK0thaxpeZtKtBOd2Bus/ZnFEMlZEjwixoiOEgU3g==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 31 Jan 2024 05:23:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:39:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 37EE 13 KB
5 KB 33ms
25ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ashley.cynic.al/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:27:11 GMT
expires: Wed, 31 Jan 2024 14:27:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D671 783 B
1 KB 127ms
49ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b4b9e6d3c73dd8bde37a70b38cb9febcb294eaa054a92fb08b107d8fbc78286d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_hqKce9OStX5kt2jjjXakw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ashley.cynic.al/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-_hqKce9OStX5kt2jjjXakw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 14:39:26 GMT
expires: Tue, 31 Jan 2023 14:39:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js Show response
pagead2.googlesyndication.com/bg/ Frame 37EE 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 497894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D671 0
0 58ms
57ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230125&jk=3230512511855974&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D9E 42 B
64 B 67ms
66ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfpJbODzicIkAP9WaT4biya7Lw_7RZ7r1LRL3kG-U6svejHMhRXRGipM4n14-n-fTSPAVK7i6vdEKrL2oHlamwMMZI2hMA2_oy8hxaTUQboi4c27gfPQnRfd1W&sai=AMfl-YR90704BR0x9xoOg1cSsJJUxWCNPzPS-H5s87Yl3LmG_oCqgMd7Z1WA_-3k3qOh9zCiskgyGe2zRx6Gx4s&sig=Cg0ArKJSzA67U3US3sxEEAE&cid=CAQSGwDUE5ymPNOEaO_TIf72PMvyjDV7IyRN4EecrBgBIBM&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=613,1001,1001,1001,1001&tos=613,388,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675175965223&rpt=535&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 37EE 0
10 B 49ms
44ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?g-sDaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 9D9E 1 B
377 B 44ms
43ms Image
text/plain 92.123.36.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?225178268-7046946;4168642;0-307-0-5509165A9EE61A-706946064
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.89 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-89.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 14:39:26 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 31 Jan 2023 14:39:26 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7046946;4168642;0;202;DE3A2928-DFA0-ACAF-D8B5-712C2C12EC29/ Frame 9D9E 0
66 B 27ms
26ms Image
text/plain 18.134.217.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7046946;4168642;0;202;DE3A2928-DFA0-ACAF-D8B5-712C2C12EC29/?cachebuster=851678039
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.217.143 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-217-143.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 14:39:26 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D9E 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7962560859470&version=m202301230201&ct=77&x=1&cor=17661384981480319000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D64 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ7FL5D_0VT72ZJxJCeD-4N0H5o4-ckHGhi-YBHW-Qqapzwn1do6job0KXkCj7XEcAQHntKjj5QMagbOm7DedUYf-fuYRwFj8D5ns4xAjm1loAN4KHR67mkHpPQTLFRl7SkVTfTQ&sai=AMfl-YQ4QDlDTeP1cfDrgsQ7YyrhvC0134xdnz_Hwfv3mt2FdQiIFYPZrzUKDbRZyIXoo-lKvHTUlzqcDdDv93U&sig=Cg0ArKJSzFJhu1MJY4dcEAE&cid=CAQSGwDUE5ymB8fwyYg2FzKHizeHi17S2Jw4wOFDrhgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2419587748&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675175964696&rpt=1608&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
72ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230125&jk=3230512511855974&bg=!REelRwPNAAbFy4Ck5cs7ACkAdvg8WpPfPiO5MlGDWiz3ALiV6ySUUfww2SYZIK5r2QED0sxY5HHMWAIAAADMUgAAAANoAQeZAqnNmIJXMSPIot_yf1Px8iAOxRtLSpimFn9Ql0yQYSqhjeDy655zKEPfW0Gj4d6fAbcPlQ2nkq4DYJmiK1oZNloJnFLJ9slhPaaq2KJsTU5kTfwpMtXbJYQmr7PKI_gPGT9YlWwrgC2TQRAXcVAwdZYFCpz29B8IlpYaCQuxs8OQMkHm17X_d9oKAg7N41aPoilY9T8qQFXHtxseFlojnqCxfpuig--7-i9ALmW2MIx-9JWO7gJJbSInk_7wc_Hb8ETgSJdcOckbmJL6PNxO6FPye2oHkI1t4AfhUgcpFuPNZJcAZfKXcR3qYkZ8NAwZBrgrDbmgpSsjc5BXDQBwapUFZmAXCrH-OBCxrMQsN2tM30VDEdqut0HEYN_D_4KCDolXqNz4UAv95tHyF1TT09b_yinjyVV0Ema0IyWULCyRZw2NQp1I5Mx_12C3_ThUJKthvo9x3shTpvDLVUGioXiEQER51WkHlGqBvyoNyeD5Y3UaSp5wfnXRQD_hcBtzAQ58wQEOiYlWvgncROIFuQu_AKl6OxaCcuH7ZzdwDSimjM9fCIRo6FMD2pp8Myi3Avk_SQc79zFvvm7sACE-EPgMw4e2ajfoSNyh_HbvIhQYnet5NY7PjlJdUTFEF8hvcSphEk7h_qWHjUMjCqbRchcpd8eNQ25EtYF3j48H3mtQtxdzR7w5de_AkmHgAPaoonitT9MK3WBG9c1NRQdEpZm2kyaQKdnjQXwS_-zRzgTx1iCrew08XlK0cNqp6MU_iXnm8A4MffMbYI2ToiGKK2YBuaQVs2zPGIZYh4OZW_VLyXzQ1_aAT3yE0Xd6d6FHKClthUjQlbbgLVeMuHI_X_2P_JqSzlp9Iy1vKFDRy6d35w7VtfIbwQj7G2L2gWTP3meHHlQeiOs_aTs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ashley.cynic.al/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 9C79 0
54 B 159ms
127ms Ping
image/gif 2a00:1450:4028:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ldkcinvf&c=3116925233378&slotId=1558462616689&qqid=COr9weKE8vwCFS1IHgId3pIJNQ&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e3e8eddeb081af60d8fc39f5a1ec9466.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4028:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 14:39:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cynic.al/	1970-01-20 18:55:35	Name: _ga Value: GA1.2.425902889.1675175965
.cynic.al/	1970-01-20 09:21:02	Name: _gid Value: GA1.2.1033900471.1675175965
.cynic.al/	1970-01-20 09:19:36	Name: _gat Value: 1
.cynic.al/	1970-01-20 18:41:11	Name: __gads Value: ID=755eb7ef3abeeb3e-22d02dd9c2da008e:T=1675175964:RT=1675175964:S=ALNI_Ma2QwII8u8RuBQRmtYpqvkvNcIqvA
.cynic.al/	1970-01-20 18:41:11	Name: __gpi Value: UID=00000bad2a879e10:T=1675175964:RT=1675175964:S=ALNI_Mb3pQww8_4qzBrmPZPb6wRhAWeUig
.doubleclick.net/	1970-01-20 18:41:11	Name: IDE Value: AHWqTUkOBZ_IgVnc7LcND4Kp9cXxL8OP4OhpQMI3hZMmqp2dxzdG3vHETvyo59Rs
.casalemedia.com/	1970-01-20 18:05:11	Name: CMID Value: Y9koHYh6bxUZVfvNQdd-TQAA
.casalemedia.com/	1970-01-20 11:29:11	Name: CMPS Value: 1179
.casalemedia.com/	1970-01-20 11:29:11	Name: CMPRO Value: 1179
.adnxs.com/	1970-01-20 11:29:11	Name: uuid2 Value: 6660235780799463726
.adnxs.com/	1970-01-20 11:29:11	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU$d=)EU!]tbPl1M>e)ZlrFUfJ+tGXvX+:>wC<:XKpbMv^neAfo4j[+%I#b#r+2>_jtV3If)y3KL9D3I?+D.Zvtu
.vtracy.de/	1970-01-20 11:29:08	Name: tr_id Value: vi-d8c7047b-6a32-4083-b8bc-d8ce3f3ab609
.vtracy.de/	1970-01-20 09:39:45	Name: tr_dt Value: 2023-01-31+15%3A39%3A25
.vtracy.de/	1970-01-20 09:39:45	Name: tr_gsd_pm_dach Value: 2023-01-31+15%3A39%3A25
m.exactag.com/	1970-01-20 11:29:11	Name: exactag_new_gk Value: 660fe1e09bdc46f8b5995778d1a6a282%7C01.04.2023%2014%3A39%3A25
m.exactag.com/	1970-01-20 13:38:47	Name: exactag_new_uk Value: afb4eaff34f4460181d481bb8e938314%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 1f1cd9bcd6d44338a85ba583
.doubleclick.net/	1970-01-20 09:19:36	Name: test_cookie Value: CheckForPermission
.adfarm1.adition.com/	1970-01-20 11:29:11	Name: UserID1 Value: 7194825984773388436
.vtracy.de/	1970-01-20 09:39:45	Name: tr_aasd_pm_dach Value: 2023-01-31+15%3A39%3A25

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-events.flashtalking.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ashley.cynic.al
cdn.flashtalking.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i1.ytimg.com
ib.adnxs.com
m.exactag.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
red.vtracy.de
rr1---sn-n02xgoxufvg3-2gbs.googlevideo.com
servedby.flashtalking.com
stat.flashtalking.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.96.137.173
15.197.193.217
172.217.20.2
18.134.217.143
185.80.39.216
185.89.210.90
205.185.216.42
2606:4700:10::6816:48a
2a00:1450:400d:803::200e
2a00:1450:400d:805::2003
2a00:1450:400d:805::200e
2a00:1450:400d:806::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:807::200e
2a00:1450:400d:808::2003
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2004
2a00:1450:400d:80d::200e
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::200e
2a00:1450:4025:401::9b
2a00:1450:4028:808::2003
2a01:28:cb6:3::c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
35.157.84.104
85.114.159.93
85.14.248.71
92.123.36.89
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
06a7a4aaf7d24fe25c456fd70efb10c13a63b0dc9563de6f9278e57ffeaf1549
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
085ee4a2d083f202c561812ca3bc8b26147656c582efa170d5de0ff907a5dd39
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f16f24b66ab2f8d364f360596dd838468383673c7d67a7cb8c0886b121d7f3f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13445ee05df55dc76c54059d73ae5077c4d08a7fd52c8dcb68e55b5b26ff2c78
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
16bbae6d85d0863c5b25df395868e6edd5df6b04fe6dc682170ed1a985034ab3
1977d4316a216ca83d70586312ab8753067c5deb7f8d2a02561a4a021a92eae5
2473828306f3c31cc1d280ccca23c582718f0adcdbf4b15a90b6cb5770b5289c
2557e4d35e58e5d14826828343ca8fee6efa3f86f9e4733029f8586d3686e374
264ffe9589d2f8b8a16da8fac1a4a5a7286c6bb57173ae506ed7a437433601d3
2a5bbcbfe41df44d5adaeaff5cd91727665f8f8077eb937f05087feb15dbe273
2e0996951e05cb036623d8174f2bed104cc1b4874926c9515bed384624ea7547
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
371dfd5d3aee10ac5147622116aaeb215e34e69600dfa48025bd80cee0655336
38da56fff19dd1ef991dbf88143bc8e56bce50658e291cb0df0bd2e57f1e6e0f
3c9e4f752dff8d9e2aeca1c10ed010c986a01b4b8c37c9d12d4c365fd03a8517
400f13f71693508962470ecbebed7a9e70f745194c53a61f0af35d526d4cb8c3
44cfb53f8f07e00d2cf7353234880f139683fef30d4375ab131f1a58e5f157d9
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
47fa36ba5e66b7d3623eb107ff09b738eaecb6e2fc15c25491ac86750ac85c10
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fe7488df0deba68b287be3e820ddf96ec3c49c2adab239675a48994b0a768ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56abbd384616518947008f2fde81a97c7258f5ace67ead53996c0d3717174698
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a7bf88a98461fddcfaa7d962b42df3e8c761870ee1955b38c2d5f043f0b8160
5f188bd596926e30a865819ba8e19e526f0c4ad77babe539688b7bb905b8faed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6654a63b00bdd0bf9d5826c7ab72a84f9e5647ecd6c2ace67503456319b1838e
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dda262e1c3d0d36c0227a3b1f42294c2fda4115c3a1f02c9cc4a042d7eed312
732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16
7aa99a2290918fcff531736ac51130ef187314c43bd03d670a856254d98e3610
7e8ed9d9b37ee6fc6b09218af73de7b7c11091fe9ad32601c449a67e30d2ad2c
84547515a6e14b2e05a9fe95cc546bf675b7631bb5ca51eba111d72b4447270d
8480f18e1c0c46bfedd2db03e63ee6a6c4ce12e4e65b4b88eb512e9afb509236
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
896065599d162442f45106ffece970d68db172c0b8f671c4cf3c4560ba381525
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
9bc037bd21b64c738431daeb5b7657d4f87039a1fa5dfffb5b7ffaa8c2e5ae31
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7a15051d0b1f5cfc22e729b3a24d733b0e6e0429b4fdcdccfefed4e3ff4d675
a9b7c06a0c817bdc4ab10085f879db20f7f463cc8cfa76ea74f13c68c7e50aeb
adb57b7f63baa3c469a5ebcc67f987f95850e3372c6b409433b90d2e0562b548
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44
b4b9e6d3c73dd8bde37a70b38cb9febcb294eaa054a92fb08b107d8fbc78286d
b6be2e9489327d4095f0ee751d8c6fd3818470af079cf65464211fbe554aa87c
c4a5d7b8e78af6d347f8a345f4f7b26e44363514a9e850974770a1cfb211d3c3
c8c465a3468c5f90aea83297aadcb6691ce7179823a728d08d6b655c6d4b7527
ca7a6b690d99d481600652ec532931bd36fb24b01645dc17938604d7e068d51d
cb9e1bb7c72b7aac13c3e27dc72560a706349328c990b90193f4685dda51a7c7
cd9832da1376a347fc65a01d53fdb7022548ff8f4cc539b7cf0501b4d566da3c
cf6aca4d69658e6be224bd3b542cc92c2802a34fbbcdcf49d4a67ad9af33889e
d0244a1b6b9083c70828b8fb2ba5fdc745169c3230fa8473786962112cc5a583
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962
dd1a68d112abe11d88c93eeb3a46174a736723b033980c45d3a7df312cca92c4
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2109acfbfa64d0a0fcf530d507348dccb5f6973c486fe0ccf001acf8f0262
efe6f800f7f05f321e0c9f6bc3b5ed8f05f6a4956c7dad957b9bc54b71d5eecd
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9299e6a9b1a3106e1489f974221459cf31a78258192b00cf9653f6a9df4b290
fcc6252382a2afc1954de24f632eab06bc4c5c4bed650c8d244b54743eb42bc6

ashley.cynic.al Open in urlscan Pro 2606:4700:10::6816:48a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

96 %HTTPS

67 %IPv6

22 Domains

36 Subdomains

32 IPs

8 Countries

2260 kBTransfer

4511 kBSize

20 Cookies

5 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ashley.cynic.al Open in urlscan Pro
2606:4700:10::6816:48a Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

96 %
HTTPS

67 %
IPv6

22
Domains

36
Subdomains

32
IPs

8
Countries

2260 kB
Transfer

4511 kB
Size

20
Cookies

116 HTTP transactions
3 data transactions