urlscan.io logo urlscan.io
SecurityTrails logo

servedby.flashtalking.com Open in urlscan Pro
209.197.3.19  Public Scan

Go To Rescan Add Verdict Report
URL: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency...
Submission: On June 29 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 11 HTTP transactions. The main IP is 209.197.3.19, located in United States and belongs to HIGHWINDS3, US. The main domain is servedby.flashtalking.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 4th 2021. Valid for: a year.
This is the only time servedby.flashtalking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 209.197.3.19 20446 (HIGHWINDS3)
1 2 54.195.125.109 16509 (AMAZON-02)
2 54.171.117.141 16509 (AMAZON-02)
1 2 142.250.185.134 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 6
5    209.197.3.19 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
2    54.195.125.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-125-109.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    54.171.117.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-117-141.eu-west-1.compute.amazonaws.com
d9.flashtalking.com
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
9212252.fls.doubleclick.net
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
Domain Requested by
5 servedby.flashtalking.com servedby.flashtalking.com
2 9212252.fls.doubleclick.net 1 redirects servedby.flashtalking.com
2 d9.flashtalking.com servedby.flashtalking.com
d9.flashtalking.com
2 dpm.demdex.net 1 redirects servedby.flashtalking.com
1 adservice.google.de adservice.google.com
1 adservice.google.com 9212252.fls.doubleclick.net
11 6

This site contains no links.

Subject Issuer Validity Valid
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-04 -
2022-02-22		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2020-08-06 -
2021-09-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Frame ID: 3F2A7DAE0881B098CB4DC714F2038613
Requests: 8 HTTP requests in this frame

Frame: https://9212252.fls.doubleclick.net/activityi;dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512
Frame ID: B3F81DFA3C2743D4A068913D2E37B18C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512;~oref=https://servedby.flashtalking.com/
Frame ID: 369168A5FD88A98FF6184A97FAE20C33
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512;~oref=https://servedby.flashtalking.com/
Frame ID: 9CD39A2E4BA9AB05722FDB6DD09815C8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

19 kB
Transfer

22 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=99999999999999& HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
Request Chain 3
  • https://9212252.fls.doubleclick.net/activityi;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512 HTTP 302
  • https://9212252.fls.doubleclick.net/activityi;dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
servedby.flashtalking.com/container/13539;99030;10307;iframe/ 		10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app39.frk11 /
Resource Hash
61f653ccad6609f8dc654594ae755ea3e2b72e1ba0ecce1cd343062f07cea26b

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 04:32:39 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app39.frk11
Pragma
no-cache
X-HW
1624941159.dop238.fr8.t,1624941159.cds229.fr8.shn,1624941159.dop238.fr8.t,1624941159.cds279.fr8.sc,1624941159.cds279.fr8.p
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=99999999999999&
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
42 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.125.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-125-109.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v010-085b3ae2c.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
KjDmzD9nR+0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v010-053654612.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Fd7pLRKAQus=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
d9core
d9.flashtalking.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.117.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-117-141.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
8aa38b5f95b858a3a8ab54428f31eab783b131a489e56c70e352e465aeec8a3b

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Jun 2021 04:32:38 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3603
/
servedby.flashtalking.com/spot/8/13539;102584;10307/ 		42 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/spot/8/13539;102584;10307/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873&ft_trackID=16249411-5922-1524-BDD9-F6499B044895
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app23.lhr11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
servedby.flashtalking.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Connection
keep-alive
Referer
https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 04:32:39 GMT
Server
prod-xre-app23.lhr11
X-HW
1624941159.dop090.lo4.shc,1624941159.dop090.lo4.t,1624941159.cds034.lo4.sc,1624941159.cds034.lo4.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
activityi;dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512
9212252.fls.doubleclick.net/ Frame B3F8
Redirect Chain
  • https://9212252.fls.doubleclick.net/activityi;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512?
  • https://9212252.fls.doubleclick.net/activityi;dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=218904017769...
513 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9212252.fls.doubleclick.net/activityi;dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512?
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
08d7334240af2e9f4f9f3534767145a32ca66732b6677f1efe51b13ed0569ae8
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9212252.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://servedby.flashtalking.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://servedby.flashtalking.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 29 Jun 2021 04:32:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
397
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 29-Jun-2021 04:47:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 29 Jun 2021 04:32:39 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9212252.fls.doubleclick.net/activityi;dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set /
servedby.flashtalking.com/segment/2/read/a;;pixel/ 		42 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=10307&d=www.adobe.com&r=express/discover/templates/resume
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app24.lhr11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
servedby.flashtalking.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Connection
keep-alive
Referer
https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 04:32:39 GMT
Server
prod-xre-app24.lhr11
X-HW
1624941159.dop090.lo4.shc,1624941159.dop090.lo4.t,1624941159.cds234.lo4.sc,1624941159.cds234.lo4.p
Content-Type
image/gif
Set-Cookie
flashtalkingad1="GUID=49280888B387B7";Path=/;Domain=.flashtalking.com;Expires=Thu, 29-Jun-23 04:32:39 GMT;SameSite=None;Secure
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
/
adservice.google.com/ddm/fls/i/dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512;~oref=ht... Frame 3691 		512 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512;~oref=https://servedby.flashtalking.com/
Requested by
Host: 9212252.fls.doubleclick.net
URL: https://9212252.fls.doubleclick.net/activityi;dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8383ff203c969b937312defe9ace32c733be0d59b0a29d588f5f583f7963c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512;~oref=https://servedby.flashtalking.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9212252.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://9212252.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 29 Jun 2021 04:32:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
396
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adservice.google.de/ddm/fls/i/dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512;~oref=htt... Frame 9CD3 		194 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512;~oref=https://servedby.flashtalking.com/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512;~oref=https://servedby.flashtalking.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CKrW0MSBvPECFYVe5QodTlQAdw;src=9212252;type=invmedia;cat=japan000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2189040177693.2512;~oref=https://servedby.flashtalking.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 29 Jun 2021 04:32:39 GMT
expires
Tue, 29 Jun 2021 04:32:39 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
Cookie set /
servedby.flashtalking.com/segment/modify/afr5;;pixel/ 		42 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/segment/modify/afr5;;pixel/?name=CC_Video_Plans_Viewer
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app26.lhr11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
servedby.flashtalking.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Cookie
flashtalkingad1="GUID=49280888B387B7"
Connection
keep-alive
Referer
https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 04:32:39 GMT
Server
prod-xre-app26.lhr11
X-HW
1624941159.dop090.lo4.shc,1624941159.dop090.lo4.t,1624941159.cds234.lo4.sc,1624941159.cds234.lo4.p
Content-Type
image/gif
Set-Cookie
flashtalkingad1="GUID=49280888B387B7|segment=(afr5)";Path=/;Domain=.flashtalking.com;Expires=Thu, 29-Jun-23 04:32:39 GMT;SameSite=None;Secure
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
lgc
d9.flashtalking.com/ 		103 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.117.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-117-141.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
4eff0a41b304a57c460df8e485f93d12f29216d11575eb329c0c07ce2d894c65

Request headers

Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 29 Jun 2021 04:32:39 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://servedby.flashtalking.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Content-Length
79
/
servedby.flashtalking.com/track/102584;10307;403;16249411-5922-1524-BDD9-F6499B044895/ 		42 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/track/102584;10307;403;16249411-5922-1524-BDD9-F6499B044895/?ft_data=d9:0d315671179d4d46aea8cdde7dc5ad78;d9s:0d315671179d4d46aea8cdde7dc5ad78&cachebuster=105909.86267123315
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app8.lhr11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
servedby.flashtalking.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
Cookie
flashtalkingad1="GUID=49280888B387B7|segment=(afr5)"; _D9J=8afa09dd160c4eec88fba859619b71a1
Connection
keep-alive
Referer
https://servedby.flashtalking.com/container/13539;99030;10307;iframe/?ftXRef=&ftXValue=&ftXType=&ftXName=&ftXNumItems=&ftXCurrency=&U1=22854143655941432653992148568269305380&U2=&U3=23057081682197377753976147293402481322&U4=adobe.com:express:discover:templates:resume&U5=&U6=&U7=&U8=&U9=&U10=&U11=&U12=&U13=&U14=&U15=&U16=&U17=&U18=&U19=&U20=&ft_referrer=https%3A%2F%2Fwww.adobe.com%2Fexpress%2Fdiscover%2Ftemplates%2Fresume&ns=&cb=892047.4345174873
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Jun 2021 04:32:39 GMT
Server
prod-xre-app8.lhr11
X-HW
1624941159.dop090.lo4.shc,1624941159.dop090.lo4.t,1624941159.cds234.lo4.sc,1624941159.cds234.lo4.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| urlHarvest string| ft_track_102584 object| ftD9ResponseRegister3 object| D9v object| D9r boolean| ftD9ResponseRegister3Check object| D9scr object| D9 string| axel number| a object| dontHarvestList string| t object| ft_hSeg string| cont_ref string| send object| d9PendingXDR string| ft_d9ID string| ft_d9sID string| payLoad

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=49280888B387B7|segment=(afr5)"