ask.fm Open in urlscan Pro
193.138.77.143  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9410.iNnyc-I-kZaxUtvPWg57YW1uFL75om0SzJzbgPrSgAVisI8MmFgMasXISP9GjQPZ.z7HdkNH8paRTksRKhhm0XUjhUNQ%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9410.WsfpYi_SM7CKtloduV9P27vLILOv2IDfvco4L8spkbxtA_l2fVtW0zXtuONKPl9qjSZqgSm1Mrcyl5vYlUjbeg%2C%2C.icVxkABfJ9Ke8960KxyruX_C-HE%2C

Request Chain 40

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
• https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 41

• https://x.bidswitch.net/sync?ssp=vidoomy&user_id=275956735.936474741745946401.7206281 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=275956735.936474741745946401.7206281 HTTP 302
• https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=eaf838cb-191e-48d1-80f3-724d848c4912 HTTP 302
• https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=eaf838cb-191e-48d1-80f3-724d848c4912 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e02151d9-1f21-458e-99ef-1d631633f5c3&user_group=1&ssp=vidoomy&bsw_param=eaf838cb-191e-48d1-80f3-724d848c4912 HTTP 302
• https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=eaf838cb-191e-48d1-80f3-724d848c4912

Request Chain 42

• https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1707586293 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1707586293 HTTP 302
• https://sync.1rx.io/usersync/tradedesk/2fd51d7a-96e8-4dab-aed2-31c2d78e64f8 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-263a6e0e-0a97-45ca-9bfb-5b72e0b1a67d-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-263a6e0e-0a97-45ca-9bfb-5b72e0b1a67d-003 HTTP 302
• https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-263a6e0e-0a97-45ca-9bfb-5b72e0b1a67d-003

Request Chain 44

• https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbanjostove4487&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A669%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1170688306932%3Ahid%3A961285531%3Az%3A0%3Ai%3A20210928093800%3Aet%3A1632821881%3Ac%3A1%3Arn%3A283380361%3Arqn%3A1%3Au%3A1632821881983656102%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632821880107%3Ads%3A28%2C333%2C164%2C103%2C0%2C0%2C%2C136%2C6%2C%2C%2C%2C665%3Adsn%3A28%2C333%2C164%2C103%2C0%2C0%2C%2C36%2C6%2C%2C%2C%2C665%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632821881%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
• https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbanjostove4487&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A669%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1170688306932%3Ahid%3A961285531%3Az%3A0%3Ai%3A20210928093800%3Aet%3A1632821881%3Ac%3A1%3Arn%3A283380361%3Arqn%3A1%3Au%3A1632821881983656102%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632821880107%3Ads%3A28%2C333%2C164%2C103%2C0%2C0%2C%2C136%2C6%2C%2C%2C%2C665%3Adsn%3A28%2C333%2C164%2C103%2C0%2C0%2C%2C36%2C6%2C%2C%2C%2C665%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632821881%3At%3AAccount%20Suspended%20-%20Ask.fm

Request Chain 53

• https://ad.turn.com/r/cs?pid=65 HTTP 302
• https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3223517043209527669

Request Chain 58

• https://ad.turn.com/r/cs?pid=65 HTTP 302
• https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3295574637247455605

Request Chain 72

• https://ad.turn.com/r/cs?pid=65 HTTP 302
• https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3295574637247455605

Request Chain 91

• https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
• https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=132f62b11610b174b583f0357c80dea&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc027_7012916583384151697 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTMyZjYyYjExNjEwYjE3NGI1ODNmMDM1N2M4MGRlYQ==&gdpr=0&gdpr_consent= HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENLdialKrJBah3-Z2WXeNrE&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/stickyads/132f62b11610b174b583f0357c80dea&gdpr=0&gdpr_consent= HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Y0vfpvVE2oMm8IT4gD7rjrGqUD7DqlZUZ1Ht_Umy~A HTTP 302
• https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6812870236741216026 HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=35f36152-e27b-4100-bafa-6c0da5dc8420&gdpr=0&gdpr_consent= HTTP 302
• https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YVLiewAAAJmRRgAT&gdpr=0&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1391974889377494002 HTTP 302
• https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=eB76Zhwp1Mv9yP5 HTTP 302
• https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=

Request Chain 94

• https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTMyZjYyYjExNjEwYjE3NGI1ODNmMDM1N2M4MGRlYQ==&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTMyZjYyYjExNjEwYjE3NGI1ODNmMDM1N2M4MGRlYQ==&gdpr=0&gdpr_consent=&google_tc=

Request Chain 95

• https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
• https://s.amazon-adsystem.com/ecm3?id=132f62b11610b174b583f0357c80dea&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 104

• https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
• https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496 HTTP 302
• https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBjNmQyNmI0YS0yMDNmLTExZWMtYWJhNC0wNmNiNzA0ZDk0OTY%3D HTTP 302
• https://pixel.advertising.com/ups/57304/sync?uid=CAESEKCTItpBzaTRgp7BnBy6MHc&google_cver=1 HTTP 302
• https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCTItpBzaTRgp7BnBy6MHc&google_cver=1&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496

Request Chain 105

• https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YVLiewAAAJmRRgAT HTTP 302
• https://pixel.advertising.com/ups/55986/sync?uid=YVLiewAAAJmRRgAT&_origin=0&gdpr=0&gdpr_consent=&_test=YVLiewAAAJmRRgAT HTTP 302
• https://ups.analytics.yahoo.com/ups/55986/sync?uid=YVLiewAAAJmRRgAT&_origin=0&gdpr=0&gdpr_consent=&_test=YVLiewAAAJmRRgAT&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496

Request Chain 106

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
• https://ups.analytics.yahoo.com/ups/55953/sync?uid=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8&_origin=1&gdpr=1&gdpr_consent=

Request Chain 112

• https://c1.adform.net/serving/cookie/match?party=14&cid=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7 HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7

Request Chain 113

• https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3729764168184153385

Request Chain 115

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4vdlZq3BT5-1Xc_Ez84rpw%3D%3D HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 116

• https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6adf6152-e27b-4300-9bfc-c45e90cb58ce

Request Chain 117

• https://pixel.onaudience.com/?partner=214&mapped=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://pixel.onaudience.com/?partner=147&mapped=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8&icm HTTP 302
• https://spl.zeotap.com/?zdid=1332&zcluid=28be819b1bea199d HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7159e30b-39c0-4071-6f4c-fcb06e72f413&reqId=80e92764-d98c-4e88-6cc3-d5832b301960&zcluid=28be819b1bea199d&zdid=1332 HTTP 302
• https://mwzeom.zeotap.com/mw?google_gid=CAESENoO5vHlFO7UnXJmtscB4Cw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7159e30b-39c0-4071-6f4c-fcb06e72f413&reqId=80e92764-d98c-4e88-6cc3-d5832b301960&zcluid=28be819b1bea199d&zdid=1332

Request Chain 118

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTJGNzY1NjYtQURDMS00RjlGLUI1NUQtQ0ZDNENGQ0UyQkE3&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 119

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPx7Et9Rr0RR-ca8LODc13Q&google_cver=1

Request Chain 121

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8

Request Chain 122

• https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1391974889377494002

Request Chain 123

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:68f16152-e27b-4c00-8de9-e9ae9f450b91&gdpr=0&gdpr_consent=

Request Chain 124

• https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6812870236741216026&gdpr=0&gdpr_consent=

Request Chain 125

• https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hGEs2NdiLoifZ32Pg2A02tNie9yfMXjThjPPt8d1

Request Chain 141

• https://ad.turn.com/r/cs?pid=65 HTTP 302
• https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3295574637247455605

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	410 Gone	Primary Request Cookie set banjostove4487 Show response ask.fm/	13 KB 15 KB	525ms 164ms	Document text/html	193.138.77.143 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/banjostove4487 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.143 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash f4d63af7c272f718ebabbc8a4f8d74d1f353b5a12a6aa9b56d7c0a71505cc083 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host ask.fm Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Status 410 Gone Cache-Control no-cache X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Date Tue, 28 Sep 2021 09:38:00 GMT Set-Cookie locale=de; path=/; expires=Wed, 28 Sep 2022 15:38:00 GMT uuid=abaf7a59-1927-4460-9ee8-fea4dd5b6863; path=/; expires=Wed, 28 Sep 2022 15:38:00 GMT; secure; HttpOnly country=DE; path=/; expires=Wed, 28 Sep 2022 15:38:00 GMT _m_ask_fm_session=eGZzcGp0QXJFWHZLUGU0K0QzbExkd3BVRTBSMXFXbnpZWFRYNkJncTVReEI4dWNOczZvMHNPckVMRVZjdXpMYnFUR0ZkMkpMSnkrRU0vS05yQ0tyZzVOaHFKQVZvUkt6aDZ6Z00wVFlVK0F5ek03cEJ3M3FreVR1NU03WUt5NWxpQ0lKdTY0cFI1eEViQ21GQmplRW1qWFhIdDVxM0pzcE1RblptVW5EZ2svbTQwUHBtSnYrUXBSTkZPUGVydzIxdEM4L1VxbXR5T2pEK2hIdk93SFVwOGhTZWw5K0xXaGUzMklJUm51dDRnckNKWVp2amo0ek52SEQxMGY0WmtWYy0tZWlxV1BjQXdNSGFwK1BLanZBcjRCZz09--2b8862228b23e495db78123a95e35c2e19e88631; path=/; expires=Fri, 01 Oct 2021 09:38:00 GMT; secure; HttpOnly Server Ask.FM Web Service Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000
GET H2	200	application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css d3r6ceqp4shltl.cloudfront.net/assets/	205 KB 44 KB	57ms 12ms	Stylesheet text/css	2600:9000:2156:1e00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:1e00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash f35eb63af5172e2882f9880d0668b3517869ae1dcf15cec3b5b4ebd506ffb544 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 20 Sep 2021 09:00:24 GMT content-encoding gzip vary Accept-Encoding age 693456 x-cache Hit from cloudfront strict-transport-security max-age=63072000 access-control-allow-origin https://ask.fm last-modified Mon, 20 Sep 2021 08:56:03 GMT server Ask.FM Web Service etag W/"61484ca3-33492" access-control-max-age 3000 access-control-allow-methods GET content-type text/css via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA50-C1 x-amz-cf-id OPrMTwy2GwzG7dmv2PEuo7zWCz_AgzbMoKkOW_ZZ0H6S20kDdIK-MQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js Show response d3r6ceqp4shltl.cloudfront.net/assets/	216 KB 68 KB	63ms 19ms	Script application/javascript	2600:9000:2156:1e00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:1e00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 68bbd771eecb76f98639a65674facba6df78abad6550a712aff0d30fefe11c71 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 20 Sep 2021 09:00:23 GMT content-encoding gzip vary Accept-Encoding age 693457 x-cache Hit from cloudfront strict-transport-security max-age=63072000 access-control-allow-origin https://ask.fm last-modified Mon, 20 Sep 2021 08:56:04 GMT server Ask.FM Web Service etag W/"61484ca4-35fe0" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA50-C1 x-amz-cf-id J8U-uyt1h0xuMSSYSHovBQJCN0-cGGekDB59oiD0tZn2Cm1a8XIbYw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	askfm_4249.js Show response ads.vidoomy.com/	5 KB 5 KB	370ms 127ms	Script application/javascript	3.129.250.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.vidoomy.com/askfm_4249.js Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-129-250-65.us-east-2.compute.amazonaws.com Software Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33 Resource Hash 9adcb66c5787b7cfea40f01e917238c3a90ff74423e96a5d551ed2411ef29754 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:01 GMT Server Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 X-Powered-By PHP/7.0.33 Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Connection Keep-Alive Keep-Alive timeout=2, max=300 Content-Length 4963
GET H2	200	account-suspended.gif d3r6ceqp4shltl.cloudfront.net/images/errors/	380 KB 380 KB	20ms 20ms	Image image/gif	2600:9000:2156:1e00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:1e00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 15:38:28 GMT via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront) age 3520772 x-cache Hit from cloudfront content-length 388641 last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-5ee21" strict-transport-security max-age=63072000 content-type image/gif cache-control max-age=315360000, public content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id 8OmVfC-NGmUoDxDmHesRsvO0SfvBKsB6BW3TzoILD9qwzWCBJ1IJMg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc Show response colossalcoat.com/	103 KB 30 KB	69ms 20ms	Script text/javascript	35.201.96.133 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 133.96.201.35.bc.googleusercontent.com Software / Resource Hash 672f691393b6f3af0a388cdf591cfea7b65357d813c1dd6d8a96966b15008c63 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br x-datacenter gce-europe-west1 etag "7796c0b3069549379f0bb7e2e12b057a0e4c4c779190a66b7178ee145e3c6d43" vary Accept-Encoding, Accept-Language x-hostname c984a0b3 content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 date Tue, 28 Sep 2021 09:38:00 GMT timing-allow-origin *
GET H/1.1	200	scripts Show response esputnik.com/scripts/v1/public/	36 KB 11 KB	149ms 52ms	Script application/javascript	2a05:d018:ac8:b920:9466:f230:a20d:7fc0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWFlYmU1M2QxYjUyMDE3MzM0OWZhOTIxZGExMGU3OWRmYzEwMDRmMjJhOGU1MzE1ZmJlYTIyZTBhMDMzY2FhODU3ZDgzNTY1MGFhYTM0NjEwNjUzNGMxZTcyMjRhOTU2ODVlYmQ0N2JkZDhlYjZkNmIyMDc0NWFhNDY3YjIyMWI0ODI0NTE2MGY4ZmU1OTY5MDU3In0.G6LVcfCiI7Js2CYtqG0BsrNJdgaviLhvqlodAVkkBkzVwQmSlSOsrIkTvP_QNoXGzaogwOdqcjtaXPMKvwWD0A&domain=1152F29B-9126-4F22-869C-ECC03B33FB2B Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:ac8:b920:9466:f230:a20d:7fc0 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 0df33bbf056c61ab7c3c2d0bbfe612a27d73899ff4e9379a65592d3894209531 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:38:00 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript; charset=utf-8 Cache-Control max-age=300 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-XSS-Protection 1; mode=block Expires Tue, 28 Sep 2021 09:43:00 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	191 KB 65 KB	154ms 73ms	Script application/javascript	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:00 GMT content-encoding br last-modified Sat, 25 Sep 2021 10:27:39 GMT etag "614ecf6b-1031a" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 66330 expires Tue, 28 Sep 2021 10:38:00 GMT
GET H2	200	135958.jpg d16vsmxl4d5tw1.cloudfront.net/dd5/19ca2/e7b7/4a94/934d/4fcc5f6da715/thumb/	3 KB 3 KB	74ms 19ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/dd5/19ca2/e7b7/4a94/934d/4fcc5f6da715/thumb/135958.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 519bfe4cfd23f2efe4e2b2a1178bff2678e8c6f02653dfa74f24bc3128053da4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 08:23:40 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Sat, 29 Dec 2018 14:37:40 GMT server AmazonS3 age 4460 etag "b15f4d607365cabb0ec9639b2b3d0136" x-edge-origin-shield-skipped 0 x-amz-version-id bjbKvBgzeRs0SPTzZYtt7VVDI.XrCvek x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 2863 x-amz-cf-id _OQ-8cowroIeyvbywJOlwEKSRf7cDKK69X8FQWQrWwiz3xSOZlipuw==
GET H2	200	fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	17 KB 18 KB	34ms 10ms	Font application/octet-stream	2600:9000:2156:1e00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:1e00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css Origin https://ask.fm Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 10 Sep 2021 12:34:09 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) age 1544631 x-cache Hit from cloudfront access-control-max-age 3000 content-length 17880 last-modified Fri, 10 Sep 2021 12:31:15 GMT server Ask.FM Web Service etag "613b5013-45d8" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/octet-stream access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id yBlpgvHX8ntUXPDviIBzdVolhG1PK_oSigEEohb1OOdRWUFKzyEh_A== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	25 KB 25 KB	39ms 16ms	Font application/octet-stream	2600:9000:2156:1e00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:1e00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css Origin https://ask.fm Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 10 Sep 2021 12:34:09 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) age 1544631 x-cache Hit from cloudfront access-control-max-age 3000 content-length 25400 last-modified Fri, 10 Sep 2021 12:31:22 GMT server Ask.FM Web Service etag "613b501a-6338" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/octet-stream access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id lq3Gw7fjN5gpJZfSJl6Jt_tMyZDf4TN6U7BgTdVDjJCBVCOLJITbDw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	51 KB 52 KB	41ms 19ms	Font application/octet-stream	2600:9000:2156:1e00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:1e00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css Origin https://ask.fm Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 10 Sep 2021 12:34:09 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) age 1544631 x-cache Hit from cloudfront access-control-max-age 3000 content-length 52204 last-modified Fri, 10 Sep 2021 12:31:15 GMT server Ask.FM Web Service etag "613b5013-cbec" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/octet-stream access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id MOFvFs4E9NCCFZEqG6WHPSYKo7BnY1IyC73odtSMAiHlZclUFkRubw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	12895.jpg d16vsmxl4d5tw1.cloudfront.net/782/bcce6/4d97/4bfc/b965/94df8d06f585/thumb/	3 KB 4 KB	517ms 493ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/782/bcce6/4d97/4bfc/b965/94df8d06f585/thumb/12895.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 65565dbfbf8bd28fd88f57ed1fab7c358c18529b60671d7141d997698ff53254 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:02 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Sat, 13 Apr 2019 23:57:52 GMT server AmazonS3 x-edge-origin-shield-skipped 0 etag "0b67105a025252bfc40e45cd5dcfe4d1" x-cache Miss from cloudfront x-amz-version-id r8f_2Dqu8eHZIkRukKDhs0ppBCB78qDG x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 3398 x-amz-cf-id BM78wIDJbm3G74Qc8Jr8Xi6WOlnfc_lmvjU18rqoKMwc38ssbcn5dA==
GET H2	200	34867.jpg d16vsmxl4d5tw1.cloudfront.net/258/79670/cd72/439b/a45f/70f391601a6e/thumb/	663 B 1 KB	503ms 480ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/258/79670/cd72/439b/a45f/70f391601a6e/thumb/34867.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6c823d19d1733abc87b6fa5d6d838d0364e7d342da333f6bd71b7ecfa1b45017 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:02 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Sat, 09 Jun 2018 10:58:38 GMT server AmazonS3 x-edge-origin-shield-skipped 0 etag "640465af08dfac1f7c9420750be53de6" x-cache Miss from cloudfront x-amz-version-id BuF_UmLl37x56mUY.SFYJL_M_sBkEDZs x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 663 x-amz-cf-id o1l7v72DHxsxK4cPAb-44_ExScGmpQyQ6QnPqtIOf3jn0VGRCtHr_Q==
GET H2	200	13438.png d16vsmxl4d5tw1.cloudfront.net/72e/8624b/d6bf/415c/a6ca/78d9850d5622/thumb/	17 KB 17 KB	42ms 18ms	Image image/png	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/72e/8624b/d6bf/415c/a6ca/78d9850d5622/thumb/13438.png Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b78879b00f30061bbba5a31547ab7d41aa18aaea30768fbf7b0d9a83b28924fc Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 07:52:26 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Fri, 21 Jun 2019 11:40:59 GMT server AmazonS3 age 6335 etag "0f6adb64a6154a55c4daa55113286282" x-edge-origin-shield-skipped 0 x-amz-version-id cbhILBDSUQAPzCn_fcaSZ7Jmx1dIiUut x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 17047 x-amz-cf-id GkIws51Jvx0M9yz6OJnmQYJqgnuMDr89pRkDQHV20YlQu0sNS4XavQ==
GET H2	200	63837.jpg d16vsmxl4d5tw1.cloudfront.net/8e8/56ad6/2ef2/4b4b/8c96/63086622c14a/thumb/	3 KB 3 KB	48ms 24ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/8e8/56ad6/2ef2/4b4b/8c96/63086622c14a/thumb/63837.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7599d9f1ec2be6604c491c0b738fe91aff04d90f8e5e51c57ba049625720acef Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:31:04 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Sat, 26 Jan 2019 18:03:46 GMT server AmazonS3 age 417 etag "fe968ca564bd0c8c26d600b755640ecd" x-edge-origin-shield-skipped 0 x-amz-version-id Ct1Rhyv9hLrkIU17EHg6FQMAW7yVmaTe x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 2696 x-amz-cf-id NOS4S8kacDMBesrPHrtONei9gQoxaB50o2kV96OAGCcDsGP8vS1V3Q==
GET H2	200	47646.jpg d16vsmxl4d5tw1.cloudfront.net/88f/f0bbe/f1c0/42ac/8911/620f9a013787/thumb/	2 KB 3 KB	37ms 14ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/88f/f0bbe/f1c0/42ac/8911/620f9a013787/thumb/47646.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d4e6153e35ba057dce5561e5bf8afe2b55321121d057600918d3b6d561ce6e68 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id _gLPAABFW4PbHwGDKA_8L5_Jl.zUweFV via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Tue, 29 Oct 2019 07:16:23 GMT server AmazonS3 age 2074 etag "7d83e7b9bc803b1bac86ed1b7d369a40" x-edge-origin-shield-skipped 0 content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Tue, 28 Sep 2021 09:03:27 GMT x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 2464 x-amz-cf-id 41ddCROeE_Y1VaTJzkvXyb7mSsQzY0gGQiQ-gkziKCpx29O6pjKRrg==
GET H2	200	102763.jpg dbq8hrmshvuto.cloudfront.net/d00/436ba/d2e8/4c03/814a/6c3c2359f6b7/thumb/	3 KB 3 KB	56ms 17ms	Image image/jpeg	2600:9000:2156:5800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/d00/436ba/d2e8/4c03/814a/6c3c2359f6b7/thumb/102763.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:5800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 38a9ba2c87f1f91faa84b25c4fb4eeb4af06f1a7253833378e9ea30e273de291 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 07:52:26 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) last-modified Thu, 02 Jul 2020 22:15:55 GMT server AmazonS3 age 6335 etag "0ee532589b4d23ed4d17861baa9bd6e3" x-edge-origin-shield-skipped 0 x-amz-version-id LcGGVV9vbuO.tr1g8P_rwmqqGx72FobG x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 3075 x-amz-cf-id P_4JleB685HgbXvGZA4oiFFqMbGsR6goEhVRhzqWotKbweR5enCyYw==
GET H2	200	46973.jpg dbq8hrmshvuto.cloudfront.net/feb/6081a/2438/4bfd/b09c/8cdfddd06e4d/thumb/	5 KB 5 KB	35ms 16ms	Image image/jpeg	2600:9000:2156:5800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/feb/6081a/2438/4bfd/b09c/8cdfddd06e4d/thumb/46973.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:5800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2e175be6c86a9de05cbe963305ad7275e3327f37a138bcb5c1859870328caaff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 07:52:26 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) last-modified Fri, 24 Jan 2020 23:16:59 GMT server AmazonS3 age 6335 etag "b1a6862e3370cb010b355be68c3f1d7c" x-edge-origin-shield-skipped 0 x-amz-version-id q66GLaZJMn2E4Zyfr9UkS2M5e6iCLCel x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 4722 x-amz-cf-id cGk5EaCpGFRCUMGaXPx9EsDNbt9ClUrZPkYKPEigZKScsvZXNl7rkw==
GET H2	200	72639.jpg dbq8hrmshvuto.cloudfront.net/d5a/1d4e2/b3ce/4202/8010/90cd64efdf26/thumb/	4 KB 4 KB	30ms 10ms	Image image/jpeg	2600:9000:2156:5800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/d5a/1d4e2/b3ce/4202/8010/90cd64efdf26/thumb/72639.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:5800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 61c66404b61e61f7eedfa2333e82c6e56cc0de0b22fe2f7477dfea7f408d4385 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 08:49:30 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) last-modified Fri, 21 Feb 2020 15:42:17 GMT server AmazonS3 age 2911 etag "db28d4d48987223a1fce39593f7456c0" x-edge-origin-shield-skipped 0 x-amz-version-id Zl.t9k5RQyhiYpoy3rSyQv50Ozkbmbq4 x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 4181 x-amz-cf-id qCzGeY7210atfNu7VpznAvvQqnTCm3lPQUtqxHET-CyEVbUgs8nmPw==
GET H2	200	153612.jpg d16vsmxl4d5tw1.cloudfront.net/012/099ec/96b3/43e6/a4e2/81baeae534bb/thumb/	4 KB 4 KB	23ms 21ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/012/099ec/96b3/43e6/a4e2/81baeae534bb/thumb/153612.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cbef4cc9260d7a4a9733c52b5fc79fbed33118ee0d74734d9cc8305912bedaa9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:17:49 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Sun, 27 Oct 2019 16:17:34 GMT server AmazonS3 age 1212 etag "a27cb580423969916aff9df01d331f58" x-edge-origin-shield-skipped 0 x-amz-version-id hnO1j.LIoi3Q.HfdUVMrHKuzawZIXfJn x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 3645 x-amz-cf-id d34JT_Td3OQbTMGkjffHa01Xy26Di4zsxUxYF0DUmhY388q-C8ENkw==
GET H2	200	12349.jpg d16vsmxl4d5tw1.cloudfront.net/132/fde30/7226/48de/bcca/61ff766c174e/thumb/	3 KB 3 KB	13ms 11ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/132/fde30/7226/48de/bcca/61ff766c174e/thumb/12349.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash baa019700dc756c48b304f476a577ad942d90fa4dcd8685aceb11d9b58afdb24 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 03:14:11 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Fri, 27 Dec 2019 12:57:27 GMT server AmazonS3 age 23030 etag "7b9e0ead6cccc7c6b584e5e922ec358f" x-edge-origin-shield-skipped 0 x-amz-version-id f5o1sEaAMbxitWxdVuutjVb2o_zX_ojW x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 2705 x-amz-cf-id nIAJc6Gc7P0Xdgw1vOgUlHjgO6UifSKcvi7FuC2SagbqeQk8J3zUbA==
GET H2	200	191552.jpg dbq8hrmshvuto.cloudfront.net/517/e8f21/4de3/40f2/a33a/ecbecfb6bfb2/thumb/	2 KB 2 KB	30ms 11ms	Image image/jpeg	2600:9000:2156:5800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/517/e8f21/4de3/40f2/a33a/ecbecfb6bfb2/thumb/191552.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:5800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 317934c65e6dba661d7d467f660234121fff581553d54de286b888d46fbf4724 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 08:54:19 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) last-modified Fri, 06 Mar 2020 06:09:32 GMT server AmazonS3 age 2621 etag "9b80362961e03681eba0c0e6b2f541fa" x-edge-origin-shield-skipped 0 x-amz-version-id xt1hmBG5eKtzzn4xInbLm1Y8oVgFUNaz x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 2128 x-amz-cf-id 8wN6aXDz1RZnl5No-kZ89Zh_rfF6MuLmgHQSJ9tNaO8J1jMnDfcUOg==
GET H2	200	578.png d16vsmxl4d5tw1.cloudfront.net/be1/2b654/4228/4d88/87d5/7815d9956802/thumb/	16 KB 17 KB	29ms 26ms	Image image/png	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/be1/2b654/4228/4d88/87d5/7815d9956802/thumb/578.png Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 892793ec49b0e0db91d41c6e50fdaa1fa52a2110c29213fe9468c02845fdca32 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 07:52:48 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Sun, 20 Oct 2019 07:50:53 GMT server AmazonS3 age 6313 etag "5abfe827abf22a5e433e686a4eebd001" x-edge-origin-shield-skipped 0 x-amz-version-id z.Jb0q3M48UNjPmESrRiRqaeOOfFjpC6 x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 16692 x-amz-cf-id D7DVW9PCQXC3pi7w--B4qAlsdBHmyeJk6TQsCdwEGaKm0Qg2ZDox8g==
GET H2	200	77834.jpg d16vsmxl4d5tw1.cloudfront.net/94f/e8a59/bb53/4849/aab1/2005d34e3d71/thumb/	2 KB 2 KB	17ms 14ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/94f/e8a59/bb53/4849/aab1/2005d34e3d71/thumb/77834.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 351291e89afecbf574986f9693f4474800ba4fde93b08aa65667b3ba06e42a5c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:17:49 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Sat, 27 Apr 2019 19:44:57 GMT server AmazonS3 age 1212 etag "f753138a59e06e596e2025c0ca6da7a7" x-edge-origin-shield-skipped 0 x-amz-version-id VFDcMH.OBs6DycHbgBa3Kp4HtTox0H5e x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 1771 x-amz-cf-id EoNMe-D0_rhWOgE0zZ18_OZbpkTIJ-Q5Pr0Zj3zQ4ODwL6XWKltdNg==
GET H2	200	138864.jpg dbq8hrmshvuto.cloudfront.net/0cd/d795a/d7be/428d/8239/f805b91dd031/thumb/	3 KB 3 KB	32ms 12ms	Image image/jpeg	2600:9000:2156:5800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/0cd/d795a/d7be/428d/8239/f805b91dd031/thumb/138864.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:5800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8063360ad97cf3a3c984c7e1b8a812ac56354c523c247aa4dc877f32cb89e558 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:17:49 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) last-modified Wed, 25 Mar 2020 15:56:59 GMT server AmazonS3 age 1212 etag "ca0cf88c459c11e9b8749bfd06fc47ef" x-edge-origin-shield-skipped 0 x-amz-version-id neBWNt7aBFws4TRo5HwWLzesyrw5taJv x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 2863 x-amz-cf-id 7N63yjbd8d5XligBTBqFhwUsJc2iVqMguJHPFk_ynF-dQ2ji8LnxBw==
GET H2	200	104479.jpg d16vsmxl4d5tw1.cloudfront.net/697/dd5f0/a719/4ae1/9b09/a83bdc66b70f/thumb/	505 B 931 B	22ms 19ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/697/dd5f0/a719/4ae1/9b09/a83bdc66b70f/thumb/104479.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6eaa10f13d4f8d26ecc809aabb9d49592617f72feca35f7c5395036904a07d73 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 02:04:33 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Mon, 17 Jun 2019 14:55:57 GMT server AmazonS3 age 27208 etag "9f48a371f2775d3a2306a5b94a36ae39" x-edge-origin-shield-skipped 0 x-amz-version-id 5c0AYI0vUHF9zh4F_OxcGZpASNX9EE5u x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 505 x-amz-cf-id 6CjpPBqTszDZPD-B7d0XR9mrNxL5NnkQpUJSFSv68Qqa5Dykn8I4Sg==
GET H2	200	9116.jpg d16vsmxl4d5tw1.cloudfront.net/472/c0b2c/d8ad/40f6/8820/85ad63a6a3f6/thumb/	4 KB 5 KB	14ms 10ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/472/c0b2c/d8ad/40f6/8820/85ad63a6a3f6/thumb/9116.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8f614d049ba482f9099708f37fc111451df136b91d814cca6fe0a8cd18283aed Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 00:36:21 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Fri, 30 Aug 2019 03:14:44 GMT server AmazonS3 age 32500 etag "36c9e83a085bbe8a11b51460ea605ee8" x-edge-origin-shield-skipped 0 x-amz-version-id CEHyLtr2Cle7YABilP82IRSR_QnwpAoy x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 4272 x-amz-cf-id 42i__SX63Nd5InJzeh9hma_PwfPliScz1Ag2ERdWeMmhSQ4iZ7hRpw==
GET H2	200	3170.jpg dbq8hrmshvuto.cloudfront.net/b3b/58245/2095/485c/99c6/4fbbcc61649d/thumb/	2 KB 3 KB	32ms 12ms	Image image/jpeg	2600:9000:2156:5800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/b3b/58245/2095/485c/99c6/4fbbcc61649d/thumb/3170.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:5800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6bd25a142a59c6c7a269cc05d6c17f5bfa0882adad784be0305d61e767352517 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:17:49 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) last-modified Wed, 11 Mar 2020 22:33:31 GMT server AmazonS3 age 1212 etag "6f5aeb0a2890f72328c692009e3c242c" x-edge-origin-shield-skipped 0 x-amz-version-id giLou4qYZVnQWpdupVYS6P3Oh9agPheL x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 2224 x-amz-cf-id _O_gaPy3yddfy6WuWzT55AXOLaoY4KOICJmsNrxFEXEClOywyb4Fgg==
GET H2	200	35867.jpg d16vsmxl4d5tw1.cloudfront.net/758/38c19/21f8/4f79/a8ae/43843646e901/thumb/	2 KB 3 KB	24ms 21ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/758/38c19/21f8/4f79/a8ae/43843646e901/thumb/35867.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 43fa7ff19170d93f207f8a3c6aea0932d7d64eecf065aad41d058dbb8802c6d0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 07:38:53 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Tue, 25 Jun 2019 04:32:47 GMT server AmazonS3 age 7148 etag "4b0e9b9cac0c72bc91a2d16bcacdf9d2" x-edge-origin-shield-skipped 0 x-amz-version-id MlBbP8bTHBNcCTAAdtmBmKnfaKrFO_sx x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 2343 x-amz-cf-id G-RXpQa9Io3w7vFljrd48mNImKEdEyrN98Pku4LdrczVpIsBDsAoEg==
GET H2	200	4240.jpg d16vsmxl4d5tw1.cloudfront.net/038/72745/02d2/42bc/9280/caf7515b9b18/thumb/	1 KB 2 KB	14ms 11ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/038/72745/02d2/42bc/9280/caf7515b9b18/thumb/4240.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 73477d93bfad3363cd217b0d967a59f0a63b507ec730eff572f383bacc1cb04e Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 05:02:51 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Sat, 07 Dec 2019 19:09:19 GMT server AmazonS3 age 16510 etag "2a28dfd85cda4b422d2975d64ba83fd1" x-edge-origin-shield-skipped 0 x-amz-version-id MpDU9CRZImuLXXy7Ri3mzyVvqs4hdgkI x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 1161 x-amz-cf-id dJwl-6MXNM17YnarAElOdyUk1fcg46xyBL6rCDobKArLsvGn3KOZJA==
GET H2	200	142569.jpg d16vsmxl4d5tw1.cloudfront.net/ea8/9021f/bc00/4a89/ba27/5a5e8eaa2526/thumb/	550 B 973 B	21ms 19ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/ea8/9021f/bc00/4a89/ba27/5a5e8eaa2526/thumb/142569.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash afd4028d665cbe0af552f27007066ab922565ad6b1c9316d02f9d5bd03c11174 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:31:04 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Thu, 03 May 2018 18:57:31 GMT server AmazonS3 age 417 etag "09049a070d2eba8198db5caf24188641" x-edge-origin-shield-skipped 0 x-amz-version-id Xk7WrOgxF014TPJ2WE3c2jaC06tUFfD8 x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 550 x-amz-cf-id ufn-TUdXAy75mo4IL5vYfKfFJvm_6q2CWbDZi162wbj7yUhW27FRvg==
GET H2	200	598312.jpg d16vsmxl4d5tw1.cloudfront.net/bf7/8b097/3a8a/4364/bddd/85737d43d247/thumb/	3 KB 4 KB	19ms 16ms	Image image/jpeg	2600:9000:2156:f200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/bf7/8b097/3a8a/4364/bddd/85737d43d247/thumb/598312.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:f200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 618333d2a0883d9bb9ee1599cd65029eaadad73a776253b8ac4169524a0fb13d Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 07:48:21 GMT via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) last-modified Sat, 03 Nov 2018 00:22:46 GMT server AmazonS3 age 6580 etag "683861e5650888a551df017f49f35b59" x-edge-origin-shield-skipped 0 x-amz-version-id t03YoNDGzKtrn1PgvO_PjxlGvlRzjl6j x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 3548 x-amz-cf-id d5ldMRqgWjtQmWgZLtPacQsgirtgcaFEVxiV5oVNrJ3k_1Adpd9ucQ==
GET H2	200	467343.jpg dbq8hrmshvuto.cloudfront.net/9ac/7fd45/f81f/4c5a/a1d9/c40bc7c3ca6f/thumb/	4 KB 4 KB	31ms 12ms	Image image/jpeg	2600:9000:2156:5800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/9ac/7fd45/f81f/4c5a/a1d9/c40bc7c3ca6f/thumb/467343.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:5800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 39a0d40f26c11a5101b0ddca7e6cd19a217dfd5a5b9d863922b21e9f6b6ccc48 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 00:18:30 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) last-modified Wed, 09 Sep 2020 19:51:18 GMT server AmazonS3 age 33571 etag "10c8d68816a0def73ac5e323fd48e013" x-edge-origin-shield-skipped 0 x-amz-version-id uiwc4Pp3wyYlzRXPH.P_yHEyH996Cy9U x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 3926 x-amz-cf-id 0V9tMfbHGQxRp9CBkQKwBUo4XIKW8yDLQMYrXDqhDUu1Uopz3IRJmw==
GET H2	200	24683.jpg dbq8hrmshvuto.cloudfront.net/26c/e5761/e47a/43a6/939e/755d84789cb4/thumb/	4 KB 5 KB	36ms 18ms	Image image/jpeg	2600:9000:2156:5800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/26c/e5761/e47a/43a6/939e/755d84789cb4/thumb/24683.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:5800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d422b7b652bc93e13863832cbdd4af59e249f6c1cc9062885e211862088f4d6a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:32:42 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) last-modified Tue, 17 Mar 2020 06:59:38 GMT server AmazonS3 age 319 etag "4cf1b408cdfcb3602cf9f6111561a756" x-edge-origin-shield-skipped 0 x-amz-version-id 8NLO9rH14DFt3gG2RvdET3bFm8NmBmLQ x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 4448 x-amz-cf-id C9lmC1i0O7pkmUawI3YeG2u5m73a8QlP6MXrKdoxgwCruvS-hVm6kQ==
GET H2	200	109164.jpg dbq8hrmshvuto.cloudfront.net/025/a10f0/2999/45e9/a076/0615b8635649/thumb/	5 KB 5 KB	36ms 16ms	Image image/jpeg	2600:9000:2156:5800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/025/a10f0/2999/45e9/a076/0615b8635649/thumb/109164.jpg Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:5800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c0fbb5cd9e0c965ec7201b96c4d6a3c179ab043b30424f6c88edd286fea7a56b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 07:38:53 GMT via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront) last-modified Sun, 26 Jan 2020 19:09:49 GMT server AmazonS3 age 7148 etag "a504deb68f3eade1c89af4550112bafa" x-edge-origin-shield-skipped 0 x-amz-version-id d7.J8_Nw09ism2T_6QtCCHYOyfGTceXE x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/jpeg content-length 4788 x-amz-cf-id FhM1t5VUv_-vlEnAoe6xNmOGvjxCqCfpBj9B7sRWgYivgb8R6PuVTA==
GET H2	200	skeleton.gif static.adsafeprotected.com/	43 B 482 B	75ms 10ms	Image image/gif	2600:9000:2156:7000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 06 Aug 2021 16:14:35 GMT via 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront) age 4555406 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 last-modified Mon, 17 Aug 2020 23:55:15 GMT server AmazonS3 etag "45cf913e5d9d3c9b2058033056d3dd23" x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja cache-control max-age=315360000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/gif x-amz-cf-id qfUikXv8huIhKpg9vl4VVoLpegnfIckb9NxtEMB-DaYxD7Ks8JtQZg==
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9410.iNnyc-I-kZaxUtvPWg57YW1uFL75om0SzJzbgPrSgAVisI8MmFgMasXISP9GjQPZ.z7HdkNH8paRTksRKhhm0XUjhUNQ%2C https://mc.yandex.com/sync_cookie_image_decide?token=9410.WsfpYi_SM7CKtloduV9P27vLILOv2IDfvco4L8spkbxtA_l2fVtW0zXtuONKPl9qjSZqgSm1Mrcyl5vYlUjbeg%2C%2C.icVxkABfJ9Ke8960KxyruX_C-HE%2C	75 B 75 B	41ms 40ms	Image text/html	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9410.WsfpYi_SM7CKtloduV9P27vLILOv2IDfvco4L8spkbxtA_l2fVtW0zXtuONKPl9qjSZqgSm1Mrcyl5vYlUjbeg%2C%2C.icVxkABfJ9Ke8960KxyruX_C-HE%2C Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:01 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9410.WsfpYi_SM7CKtloduV9P27vLILOv2IDfvco4L8spkbxtA_l2fVtW0zXtuONKPl9qjSZqgSm1Mrcyl5vYlUjbeg%2C%2C.icVxkABfJ9Ke8960KxyruX_C-HE%2C date Tue, 28 Sep 2021 09:38:01 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 112 B	40ms 40ms	Image image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:00 GMT last-modified Sat, 25 Sep 2021 10:27:39 GMT etag "614ecf6b-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 28 Sep 2021 10:38:00 GMT
GET H2	200	formats.js Show response ad.lkqd.net/vpaid/ Frame 8E95	118 KB 35 KB	60ms 11ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://ad.lkqd.net/vpaid/formats.js Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding gzip last-modified Fri, 11 Dec 2020 00:09:23 GMT etag "286704660baa2c113268f28385080796" x-hw 1632821881.cds003.fr8.hn,1632821881.cds289.fr8.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=1209600 accept-ranges bytes content-length 35765
GET H2	200	formats.js Show response ad.lkqd.net/vpaid/ Frame 8028	118 KB 35 KB	59ms 19ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://ad.lkqd.net/vpaid/formats.js Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding gzip last-modified Fri, 11 Dec 2020 00:09:23 GMT etag "286704660baa2c113268f28385080796" x-hw 1632821881.cds003.fr8.hn,1632821881.cds289.fr8.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=1209600 accept-ranges bytes content-length 35765
GET H2	200	cookie Show response a.vidoomy.com/api/rtbserver/ Frame 6016 Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent	43 B 290 B	53ms 8ms	Document image/gif	3.123.90.134 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-123-90-134.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers :method GET :authority a.vidoomy.com :scheme https :path /api/rtbserver/cookie?i=CEN&uid=no-consent pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-type image/gif content-length 43 content-encoding none set-cookie vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzNTQxMzg4MX19fQ==; Path=/; Domain=vidoomy.com; Expires=Wed, 28 Sep 2022 09:38:01 GMT; Secure; SameSite=None vary Origin Redirect headers cache-control max-age=0,no-cache,no-store pragma no-cache expires Tue, 11 Oct 1977 12:34:56 GMT p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent content-length 0 date Tue, 28 Sep 2021 09:38:00 GMT server AC1.1
GET H2	200	cookie a.vidoomy.com/api/rtbserver/ Redirect Chain https://x.bidswitch.net/sync?ssp=vidoomy&user_id=275956735.936474741745946401.7206281 https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=275956735.936474741745946401.7206281 https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=eaf838cb-191e-48d1-80f3-724d848c4912 https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=eaf838cb-191e-48d1-80f3-724d848c4912 https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e02151d9-1f21-458e-99ef-1d631633f5c3&user_group=1&ssp=vidoomy&bsw_param=eaf838cb-191e-48d1-80f3-724d848c4912 https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=eaf838cb-191e-48d1-80f3-724d848c4912	43 B 368 B	8ms 8ms	Image image/gif	3.123.90.134 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=eaf838cb-191e-48d1-80f3-724d848c4912 Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-123-90-134.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding none content-length 43 vary Origin content-type image/gif Redirect headers location //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=eaf838cb-191e-48d1-80f3-724d848c4912 date Tue, 28 Sep 2021 09:38:01 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	cookie a.vidoomy.com/api/rtbserver/ Redirect Chain https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1707586293 https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1707586293 https://sync.1rx.io/usersync/tradedesk/2fd51d7a-96e8-4dab-aed2-31c2d78e64f8 https://sync.targeting.unrulymedia.com/csync/RX-263a6e0e-0a97-45ca-9bfb-5b72e0b1a67d-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-263a6e0e-0a97-45ca-9bfb-5b7... https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-263a6e0e-0a97-45ca-9bfb-5b72e0b1a67d-003	43 B 457 B	10ms 9ms	Image image/gif	3.123.90.134 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-263a6e0e-0a97-45ca-9bfb-5b72e0b1a67d-003 Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-123-90-134.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding none content-length 43 vary Origin content-type image/gif Redirect headers location https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-263a6e0e-0a97-45ca-9bfb-5b72e0b1a67d-003 date Tue, 28 Sep 2021 09:38:01 GMT server Tengine p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RX263a6e0e0a9745ca9bfb5b72e0b1a67d003 content-type text/html
GET H/1.1	200 OK	auto-user-sync ads.stickyadstv.com/	43 B 599 B	168ms 30ms	Image image/gif	2.18.234.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/auto-user-sync Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-233.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:01 GMT Server nginx Content-Type image/gif Access-Control-Allow-Origin * Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 43 x-sticky-vk 1632821881213032-371 Expires Tue, 28 Sep 2021 09:38:01 GMT
GET H2	200	1 Show response mc.yandex.com/watch/48953915/ Redirect Chain https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbanjostove4487&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A669%3Afu%3A0%3Aen%3Autf-8%... https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbanjostove4487&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A669%3Afu%3A0%3Aen%3Autf-...	383 B 465 B	41ms 41ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbanjostove4487&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A669%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1170688306932%3Ahid%3A961285531%3Az%3A0%3Ai%3A20210928093800%3Aet%3A1632821881%3Ac%3A1%3Arn%3A283380361%3Arqn%3A1%3Au%3A1632821881983656102%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632821880107%3Ads%3A28%2C333%2C164%2C103%2C0%2C0%2C%2C136%2C6%2C%2C%2C%2C665%3Adsn%3A28%2C333%2C164%2C103%2C0%2C0%2C%2C36%2C6%2C%2C%2C%2C665%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632821881%3At%3AAccount%20Suspended%20-%20Ask.fm Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash a5f484ae12479f44d800b1b470c17d16487df3d960811f5e65be2fc4940f4beb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 28 Sep 2021 09:38:01 GMT x-content-type-options nosniff last-modified Tue, 28-Sep-2021 09:38:01 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 383 x-xss-protection 1; mode=block expires Tue, 28-Sep-2021 09:38:01 GMT Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:01 GMT last-modified Tue, 28-Sep-2021 09:38:01 GMT location /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbanjostove4487&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A669%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1170688306932%3Ahid%3A961285531%3Az%3A0%3Ai%3A20210928093800%3Aet%3A1632821881%3Ac%3A1%3Arn%3A283380361%3Arqn%3A1%3Au%3A1632821881983656102%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632821880107%3Ads%3A28%2C333%2C164%2C103%2C0%2C0%2C%2C136%2C6%2C%2C%2C%2C665%3Adsn%3A28%2C333%2C164%2C103%2C0%2C0%2C%2C36%2C6%2C%2C%2C%2C665%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632821881%3At%3AAccount%20Suspended%20-%20Ask.fm strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 28-Sep-2021 09:38:01 GMT
GET H2	200	usync.html Show response ad.lkqd.net/cookie-sync/ Frame C625	4 KB 2 KB	14ms 14ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://ad.lkqd.net/cookie-sync/usync.html Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/formats.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3 Request headers :method GET :authority ad.lkqd.net :scheme https :path /cookie-sync/usync.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding gzip content-length 1868 content-type text/html last-modified Thu, 29 Jul 2021 21:50:27 GMT accept-ranges bytes etag "81f08e6987a7c8675462207e3514d72e" cache-control public, max-age=1209600 x-hw 1632821881.cds003.fr8.hn,1632821881.cds226.fr8.c access-control-allow-origin *
GET H2	200	ad Show response v.lkqd.net/ Frame 8E95	2 KB 2 KB	349ms 99ms	XHR application/xml	146.20.132.101 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=68348274&m= Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/formats.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.132.101 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash b312911a09ad7672da53e35afb40f8522daee4039b3544f724ed3d1a2bb04cba Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding gzip server nginx content-type application/xml; charset=UTF-8 access-control-allow-origin https://ask.fm cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 1360
GET H2	200	usync.html Show response ad.lkqd.net/cookie-sync/ Frame 26AF	4 KB 2 KB	11ms 10ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://ad.lkqd.net/cookie-sync/usync.html Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/formats.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3 Request headers :method GET :authority ad.lkqd.net :scheme https :path /cookie-sync/usync.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding gzip content-length 1868 content-type text/html last-modified Thu, 29 Jul 2021 21:50:27 GMT accept-ranges bytes etag "81f08e6987a7c8675462207e3514d72e" cache-control public, max-age=1209600 x-hw 1632821881.cds003.fr8.hn,1632821881.cds226.fr8.c access-control-allow-origin *
GET H2	200	ad Show response v.lkqd.net/ Frame 8028	180 B 349 B	335ms 98ms	XHR application/xml	146.20.132.101 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://v.lkqd.net/ad?pid=430&sid=1148643&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=67444307&m= Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/formats.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.132.101 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding gzip server nginx content-type application/xml; charset=UTF-8 access-control-allow-origin https://ask.fm cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 150
GET		cs cs.lkqd.net/ Frame C625	0 0
GET		cs cs.lkqd.net/ Frame C625	0 0
GET		cs cs.lkqd.net/ Frame C625	0 0
GET		cs cs.lkqd.net/ Frame C625	0 0
GET		cs cs.lkqd.net/ Frame C625 Redirect Chain https://ad.turn.com/r/cs?pid=65 https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3223517043209527669	0 0
GET		cs cs.lkqd.net/ Frame 26AF	0 0
GET		cs cs.lkqd.net/ Frame 26AF	0 0
GET		cs cs.lkqd.net/ Frame 26AF	0 0
GET		cs cs.lkqd.net/ Frame 26AF	0 0
GET		cs cs.lkqd.net/ Frame 26AF Redirect Chain https://ad.turn.com/r/cs?pid=65 https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3295574637247455605	0 0
OPTIONS H2	200	t t.lkqd.net/ Frame	0 0	334ms 97ms	Preflight text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Protocol H2 Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:01 GMT content-type text/plain; charset=UTF-8 content-length 0 access-control-allow-credentials true access-control-expose-headers Content-Type, Content-Disposition access-control-allow-headers Content-Type access-control-allow-methods GET, OPTIONS, POST cache-control max-age=300 access-control-max-age 300 access-control-allow-origin https://ask.fm
POST		t t.lkqd.net/ Frame BD07	0 0
OPTIONS H2	200	t t.lkqd.net/ Frame	0 0	322ms 96ms	Preflight text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Protocol H2 Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:01 GMT content-type text/plain; charset=UTF-8 content-length 0 access-control-allow-credentials true access-control-expose-headers Content-Type, Content-Disposition access-control-allow-headers Content-Type access-control-allow-methods GET, OPTIONS, POST cache-control max-age=300 access-control-max-age 300 access-control-allow-origin https://ask.fm
POST H2	200	t Show response t.lkqd.net/ Frame CDDD	0 159 B	291ms 95ms	XHR text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/formats.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://ask.fm date Tue, 28 Sep 2021 09:38:02 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-length 0 content-type text/plain; charset=UTF-8
GET H2	200	vpaid.js Show response ad.lkqd.net/vpaid/ Frame 89A3	230 KB 61 KB	11ms 11ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/formats.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding gzip last-modified Mon, 10 May 2021 16:09:54 GMT etag "18431b5d583ab7507824ab63424fc76a" x-hw 1632821881.cds003.fr8.hn,1632821881.cds107.fr8.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=1209600 accept-ranges bytes content-length 62012
GET H2	200	usync.html Show response ad.lkqd.net/cookie-sync/ Frame 3259	4 KB 2 KB	10ms 9ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://ad.lkqd.net/cookie-sync/usync.html Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3 Request headers :method GET :authority ad.lkqd.net :scheme https :path /cookie-sync/usync.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 28 Sep 2021 09:38:01 GMT content-encoding gzip content-length 1868 content-type text/html last-modified Thu, 29 Jul 2021 21:50:27 GMT accept-ranges bytes etag "81f08e6987a7c8675462207e3514d72e" cache-control public, max-age=1209600 x-hw 1632821881.cds003.fr8.hn,1632821881.cds226.fr8.c access-control-allow-origin *
OPTIONS H2	200	ad v.lkqd.net/ Frame	0 0	311ms 116ms	Preflight	146.20.132.101 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=68348274&m=&rtv=1&thost=ask.fm Protocol H2 Server 146.20.132.101 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:01 GMT content-length 0 access-control-allow-origin https://ask.fm access-control-max-age 300 cache-control max-age=300 access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers Content-Type access-control-expose-headers Content-Type, Content-Disposition access-control-allow-credentials true
POST H2	200	ad Show response v.lkqd.net/ Frame 89A3	85 KB 6 KB	141ms 141ms	XHR application/json	146.20.132.101 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=68348274&m=&rtv=1&thost=ask.fm Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.132.101 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 4f1a6f3845e8b1af899eb6f295bd8632a6630a5efcf1841db1ccf2cd8f7e3270 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers date Tue, 28 Sep 2021 09:38:02 GMT content-encoding gzip server nginx content-type application/json access-control-allow-origin https://ask.fm cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 5823
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET		cs cs.lkqd.net/ Frame 3259	0 0
GET		cs cs.lkqd.net/ Frame 3259	0 0
GET		cs cs.lkqd.net/ Frame 3259	0 0
GET		cs cs.lkqd.net/ Frame 3259	0 0
GET		cs cs.lkqd.net/ Frame 3259 Redirect Chain https://ad.turn.com/r/cs?pid=65 https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3295574637247455605	0 0
POST H2	200	t Show response t.lkqd.net/ Frame D675	0 158 B	273ms 95ms	XHR text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://ask.fm date Tue, 28 Sep 2021 09:38:02 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-length 0 content-type text/plain; charset=UTF-8
OPTIONS H2	200	t t.lkqd.net/ Frame	0 0	95ms 95ms	Preflight text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Protocol H2 Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:01 GMT content-type text/plain; charset=UTF-8 content-length 0 access-control-allow-credentials true access-control-expose-headers Content-Type, Content-Disposition access-control-allow-headers Content-Type access-control-allow-methods GET, OPTIONS, POST cache-control max-age=300 access-control-max-age 300 access-control-allow-origin https://ask.fm
GET H2	200	/ Show response adx.adform.net/adx/	65 B 642 B	216ms 103ms	XHR text/xml	37.157.4.23 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Fbanjostove4487 Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:02 GMT content-encoding gzip vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains content-length 173 pragma no-cache server nginx access-control-max-age 86400 access-control-allow-methods GET, POST content-type text/xml; charset=utf-8 access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
GET H/1.1	200 OK	swfIndex.php Show response ads.stickyadstv.com/www/delivery/	67 B 710 B	126ms 125ms	XHR application/xml	2.18.234.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C18361923586867908499096519157%2C%2C Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-233.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:02 GMT Server nginx Content-Type application/xml;charset=UTF-8 Access-Control-Allow-Origin https://ask.fm Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 67 x-sticky-vk 1632821881932077-361 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET H/1.1	200 OK	218945 Show response search.spotxchange.com/vast/2.0/	67 B 1 KB	187ms 52ms	XHR text/xml	185.94.180.124 SPOTX-AMS
General Check archive.org Show headers Download Go to Full URL https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Fbanjostove4487&cb=840514408&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C6867908499096519157367122321%2C%2C Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:38:02 GMT Content-Encoding gzip X-SpotX-Timing-Transform 0.001394 X-SpotX-Timing-SpotMarket 0.015515 X-SpotX-Timing-Page-Mux 0.001404 X-SpotX-Timing-Page-Require 0.000598 X-fe 007 Connection keep-alive X-SpotX-Timing-Page-Cookie 0.000035 Content-Length 77 X-SpotX-Timing-Page 0.023858 Pragma no-cache X-SpotX-Timing-Page-Context 0.000509 Last-Modified Tue, 28 Sep 2021 09:38:02 GMT Server nginx Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0 Access-Control-Allow-Methods POST, GET, PATCH, DELETE, OPTIONS Vary Accept-Encoding X-SpotX-Timing-SpotMarket-Primary 0.015515 Content-Type text/xml;charset=UTF-8 Access-Control-Allow-Origin https://ask.fm X-SpotX-Timing-Page-Misc 0.004387 X-SpotX-Timing-Page-Exception 0.000000 X-SpotX-Timing-SpotMarket-Secondary 0.000000 X-SpotX-Timing-Page-URI 0.000016 Access-Control-Allow-Credentials true Access-Control-Allow-Headers Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/	65 B 643 B	182ms 73ms	XHR text/xml	37.157.4.23 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Fbanjostove4487&t=2 Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:02 GMT content-encoding gzip vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains content-length 173 pragma no-cache server nginx access-control-max-age 86400 access-control-allow-methods GET, POST content-type text/xml; charset=utf-8 access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
GET H/1.1	200 OK	7585793 Show response ads.stickyadstv.com/vast/vpaid-adapter/	1 KB 2 KB	80ms 44ms	XHR application/xml	2.18.234.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20658759456867908499096519157,, Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-233.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b417ae56b892379b7a953e84bc7830d3cf4c5904617ba8fec690fe1668d33050 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:02 GMT Server nginx Content-Type application/xml;charset=ISO-8859-1 Access-Control-Allow-Origin https://ask.fm Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1158 x-sticky-vk 1632821882001061-579 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET H/1.1	200 OK	7585793 Show response ads.stickyadstv.com/vast/vpaid-adapter/	1 KB 2 KB	87ms 51ms	XHR application/xml	2.18.234.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8590819206867908499096519157,, Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-233.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f569e0e689966a13c8473714c87e395b216091c0c8d54a1df123bab1e0c75067 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:02 GMT Server nginx Content-Type application/xml;charset=ISO-8859-1 Access-Control-Allow-Origin https://ask.fm Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1156 x-sticky-vk 1632821882015060-555 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET H/1.1	200 OK	7585793 Show response ads.stickyadstv.com/vast/vpaid-adapter/	1 KB 2 KB	88ms 53ms	XHR application/xml	2.18.234.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C6867908499096519157308709585%2C%2C Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-233.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 75d33bbbb4440cdd86780cbd8cf3fc1785587fef64b9468d161e5e617b06a5e4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:02 GMT Server nginx Content-Type application/xml;charset=ISO-8859-1 Access-Control-Allow-Origin https://ask.fm Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1188 x-sticky-vk 1632821881929090-367 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET H/1.1	200 OK	7585793 Show response ads.stickyadstv.com/vast/vpaid-adapter/	1 KB 2 KB	87ms 39ms	XHR application/xml	2.18.234.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C68679084990965191571876902297%2C%2C Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-233.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cfe273a3bb841aa69d36b72da287cd0e1fbedf76bffdc992a9f777d6eb86cc9c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:02 GMT Server nginx Content-Type application/xml;charset=ISO-8859-1 Access-Control-Allow-Origin https://ask.fm Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1190 x-sticky-vk 1632821881955094-339 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET H/1.1	200 OK	LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response ads.adaptv.advertising.com/a/h/	249 B 536 B	510ms 426ms	XHR text/xml	18.159.16.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=808749990&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fbanjostove4487&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-16-69.eu-central-1.compute.amazonaws.com Software adaptv/1.0 / Resource Hash 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip server adaptv/1.0 content-type text/xml access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true Connection keep-alive Content-Length 192 expires 0
OPTIONS H2	200	t t.lkqd.net/ Frame	0 0	96ms 95ms	Preflight text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Protocol H2 Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:02 GMT content-type text/plain; charset=UTF-8 content-length 0 access-control-allow-credentials true access-control-expose-headers Content-Type, Content-Disposition access-control-allow-headers Content-Type access-control-allow-methods GET, OPTIONS, POST cache-control max-age=300 access-control-max-age 300 access-control-allow-origin https://ask.fm
POST H2	200	t Show response t.lkqd.net/ Frame D675	0 158 B	119ms 119ms	XHR text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://ask.fm date Tue, 28 Sep 2021 09:38:02 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-length 0 content-type text/plain; charset=UTF-8
GET H/1.1	200 OK	vpaid-adapter.min.js Show response cdn.stickyadstv.com/mustang/ Frame AA0C	337 KB 114 KB	158ms 21ms	Script application/x-javascript	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:38:02 GMT Content-Encoding gzip Last-Modified Thu, 23 Sep 2021 12:45:27 GMT ETag "1632401127" X-HW 1632821882.dop201.ml1.t,1632821882.cds211.ml1.shn,1632821882.cds211.ml1.c Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=86400 Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Content-Length 116229
GET DATA	200 OK	truncated /	35 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
OPTIONS H2	200	t t.lkqd.net/ Frame	0 0	96ms 96ms	Preflight text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Protocol H2 Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:02 GMT content-type text/plain; charset=UTF-8 content-length 0 access-control-allow-credentials true access-control-expose-headers Content-Type, Content-Disposition access-control-allow-headers Content-Type access-control-allow-methods GET, OPTIONS, POST cache-control max-age=300 access-control-max-age 300 access-control-allow-origin https://ask.fm
POST H2	200	t Show response t.lkqd.net/ Frame D675	0 158 B	96ms 95ms	XHR text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://ask.fm date Tue, 28 Sep 2021 09:38:02 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-length 0 content-type text/plain; charset=UTF-8
GET H/1.1	200 OK	bandwidth-test-25ko Show response cdn.stickyadstv.com/mustang/ Frame AA0C	25 KB 25 KB	67ms 16ms	XHR application/octet-stream	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1632821882813 Requested by Host: cdn.stickyadstv.com URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:38:02 GMT Last-Modified Thu, 23 Sep 2021 12:45:27 GMT ETag "1632401127" X-HW 1632821882.dop006.ml1.t,1632821882.cds002.ml1.shn,1632821882.cds002.ml1.c Content-Type application/octet-stream Access-Control-Allow-Origin https://ask.fm Cache-Control max-age=86400 Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Content-Length 25600
GET		stv match.prod.bidr.io/cookie-sync/ Redirect Chain https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=132f62b11610b174b583f0357c80dea&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu... https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc027_7012916583384151697 https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTMyZjYyYjExNjEwYjE3NGI1ODNmMDM1N2M4MGRlYQ==&gdpr=0&gdpr_consent= https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESENLdialKrJBah3-Z2WXeNrE&google_cver=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8 https://pr-bh.ybp.yahoo.com/sync/stickyads/132f62b11610b174b583f0357c80dea&gdpr=0&gdpr_consent=? https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Y0vfpvVE2oMm8IT4gD7rjrGqUD7DqlZUZ1Ht_Umy~A https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6812870236741216026 https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=35f36152-e27b-4100-bafa-6c0da5dc8420&gdpr=0&gdpr_consent= https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co... https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YVLiewAAAJmRRgAT&gdpr=0&gdpr_consent= https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1391974889377494002 https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=eB76Zhwp1Mv9yP5 https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=	0 0
GET H/1.1	200 OK	/ Show response ads.stickyadstv.com/additional-scripts/ Frame AA0C	301 B 846 B	32ms 31ms	XHR text/xml	2.18.234.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fask.fm%2Fbanjostove4487 Requested by Host: cdn.stickyadstv.com URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-233.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27 Request headers Accept application/xml, text/xml Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:02 GMT Server nginx Access-Control-Allow-Origin https://ask.fm Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 301 x-sticky-vk 1632821882780035-371 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET H/1.1	200 OK	swfIndex.php Show response ads.stickyadstv.com/www/delivery/ Frame AA0C	67 B 710 B	132ms 131ms	XHR application/xml	2.18.234.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C54345%2C1%2C20658759456867908499096519157%2C%2C&vav=b69a27d6ca01b8dc58aa6f97439b9ca1&vaviv=5ac4f803cd91be52ae7a838bf2644662&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.0.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fask.fm%2Fbanjostove4487&playerSize=400x225&supportsFlash=false&supportsJavascript=true Requested by Host: cdn.stickyadstv.com URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-233.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe Request headers Accept application/xml, text/xml Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:02 GMT Server nginx Content-Type application/xml;charset=UTF-8 Access-Control-Allow-Origin https://ask.fm Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 67 x-sticky-vk 1632821882864006-354 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Redirect Chain https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTMyZjYyYjExNjEwYjE3NGI1ODNmMDM1N2M4MGRlYQ==&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTMyZjYyYjExNjEwYjE3NGI1ODNmMDM1N2M4MGRlYQ==&gdpr=0&gdpr_consent=&google_tc=	170 B 243 B	19ms 18ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTMyZjYyYjExNjEwYjE3NGI1ODNmMDM1N2M4MGRlYQ==&gdpr=0&gdpr_consent=&google_tc= Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:02 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MTMyZjYyYjExNjEwYjE3NGI1ODNmMDM1N2M4MGRlYQ==&gdpr=0&gdpr_consent=&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 363 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Redirect Chain https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= https://s.amazon-adsystem.com/ecm3?id=132f62b11610b174b583f0357c80dea&ex=freewheel.tv&gdpr=0&gdpr_consent=	43 B 556 B	331ms 103ms	Image image/gif	52.46.154.242 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=132f62b11610b174b583f0357c80dea&ex=freewheel.tv&gdpr=0&gdpr_consent= Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:03 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 59DWZEMQE0EZ7XPMESSS Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:02 GMT Server nginx Access-Control-Allow-Origin * Location https://s.amazon-adsystem.com/ecm3?id=132f62b11610b174b583f0357c80dea&ex=freewheel.tv&gdpr=0&gdpr_consent= Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 x-sticky-vk 1632821882714097-360 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET DATA	200 OK	truncated / Frame 89A3	35 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	vpaid_68c68ea6.js Show response vpaid.springserve.com/production/ Frame 0D79	491 KB 87 KB	88ms 10ms	Script application/javascript	2600:9000:2156:fc00:15:6f6c:b180:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vpaid.springserve.com/production/vpaid_68c68ea6.js Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:fc00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 22 Sep 2021 17:36:21 GMT content-encoding br last-modified Wed, 22 Sep 2021 17:34:44 GMT server AmazonS3 age 489703 etag W/"c41b3f31e617ac05abbd6b79785bd64a" vary Accept-Encoding x-edge-origin-shield-skipped 0 content-type application/javascript via 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront) cache-control max-age=2678400 x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 x-amz-cf-id eY_HNW7WHeM-L4YFNP_eOTzRtL8nDpgHtLHIc4amZvRAnQ7b4R6B5A==
POST H2	200	t Show response t.lkqd.net/ Frame D675	0 158 B	95ms 95ms	XHR text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://ask.fm date Tue, 28 Sep 2021 09:38:03 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-length 0 content-type text/plain; charset=UTF-8
OPTIONS H2	200	t t.lkqd.net/ Frame	0 0	96ms 95ms	Preflight text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Protocol H2 Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:03 GMT content-type text/plain; charset=UTF-8 content-length 0 access-control-allow-credentials true access-control-expose-headers Content-Type, Content-Disposition access-control-allow-headers Content-Type access-control-allow-methods GET, OPTIONS, POST cache-control max-age=300 access-control-max-age 300 access-control-allow-origin https://ask.fm
GET H2	200	vadtag.html Show response vpaid.pubmatic.com/ads/video/ Frame 0D79	964 B 845 B	123ms 26ms	XHR application/xml	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&schain=1.0,1!vidoomy.com,54345,1,1632821881992,, Requested by Host: vpaid.springserve.com URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 7178971c81407726d1e03fc0bba1d5a7040873ad3961f17117cc820875f1d393 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT content-encoding gzip server Apache/2.2.15 (CentOS) etag "461ced-23ca-5c92d699e808f" vary Origin, Accept-Encoding content-type application/xml access-control-allow-origin https://ask.fm cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 593 expires Tue, 28 Sep 2021 09:38:03 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 0D79	166 B 1 KB	83ms 53ms	XHR application/json	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: vpaid.springserve.com URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 3274c06db1b02804db1d2194c3ed6aa98c34cf45f80452e1dbe2bda2b845c6a6 Security Headers Name Value X-Xss-Protection 0 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:03 GMT X-Proxy-Origin 194.36.108.19; 194.36.108.19; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 3655ee28-268a-485c-b044-193d392ecd95 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 166 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 0D79	166 B 1 KB	120ms 89ms	XHR application/json	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: vpaid.springserve.com URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 8992d5a39fa473e6f79c9d8a95a159ed0ea20eeea09b8df84117242596f99cf5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:03 GMT X-Proxy-Origin 194.36.108.19; 194.36.108.19; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 188fcba7-8f66-4d8c-a83f-f3071c69081c Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 166 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	204 No Content	openrtb Show response ads.adaptv.advertising.com/rtb/ Frame 0D79	0 207 B	222ms 222ms	XHR application/json	18.159.16.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy Requested by Host: vpaid.springserve.com URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-16-69.eu-central-1.compute.amazonaws.com Software adaptv/1.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ask.fm access-control-allow-credentials true server adaptv/1.0 Connection keep-alive content-length 0 content-type application/json
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/57304/ Frame 0D79 Redirect Chain https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496 https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496&verify=true https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBjNmQyNmI0YS0yMDNmLTExZWMtYWJhNC0wNmNiNzA0ZDk0OTY%3D https://pixel.advertising.com/ups/57304/sync?uid=CAESEKCTItpBzaTRgp7BnBy6MHc&google_cver=1 https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCTItpBzaTRgp7BnBy6MHc&google_cver=1&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496	0 1 KB	11ms 11ms	Image text/plain	18.156.0.31 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCTItpBzaTRgp7BnBy6MHc&google_cver=1&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496 Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-0-31.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:38:03 GMT Server ATS/7.1.2.138 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEKCTItpBzaTRgp7BnBy6MHc&google_cver=1&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496 date Tue, 28 Sep 2021 09:38:03 GMT content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/55986/ Frame 0D79 Redirect Chain https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_... https://pixel.advertising.com/ups/55986/sync?uid=YVLiewAAAJmRRgAT&_origin=0&gdpr=0&gdpr_consent=&_test=YVLiewAAAJmRRgAT https://ups.analytics.yahoo.com/ups/55986/sync?uid=YVLiewAAAJmRRgAT&_origin=0&gdpr=0&gdpr_consent=&_test=YVLiewAAAJmRRgAT&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496	0 1 KB	10ms 10ms	Image text/plain	18.156.0.31 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55986/sync?uid=YVLiewAAAJmRRgAT&_origin=0&gdpr=0&gdpr_consent=&_test=YVLiewAAAJmRRgAT&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496 Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-0-31.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:38:03 GMT Server ATS/7.1.2.138 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55986/sync?uid=YVLiewAAAJmRRgAT&_origin=0&gdpr=0&gdpr_consent=&_test=YVLiewAAAJmRRgAT&apid=UPc6d26b4a-203f-11ec-aba4-06cb704d9496 date Tue, 28 Sep 2021 09:38:03 GMT content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/55953/ Frame 0D79 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 https://ups.analytics.yahoo.com/ups/55953/sync?uid=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8&_origin=1&gdpr=1&gdpr_consent=	0 234 B	81ms 9ms	Image text/plain	18.156.0.31 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55953/sync?uid=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8&_origin=1&gdpr=1&gdpr_consent= Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-0-31.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 28 Sep 2021 09:38:03 GMT Server ATS/7.1.2.138 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://ups.analytics.yahoo.com/ups/55953/sync?uid=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8&_origin=1&gdpr=1&gdpr_consent= cache-control private,no-cache, must-revalidate content-type text/html content-length 267
GET H2	200	PMAdMgr.js Show response vpaid.pubmatic.com/ads/video/ Frame FC60	152 KB 36 KB	34ms 34ms	Script text/javascript	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&schain=1.0,1!vidoomy.com,54345,1,1632821881992,, Requested by Host: blank URL: about:blank Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:03 GMT content-encoding gzip last-modified Tue, 10 Aug 2021 05:02:46 GMT server Apache/2.2.15 (CentOS) etag "1408294-25f9a-5c92d699d3c58" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 accept-ranges bytes content-length 36260
GET H2	200	showad.js Show response ads.pubmatic.com/AdServer/js/ Frame F8FE	38 KB 14 KB	19ms 19ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/showad.js? Requested by Host: vpaid.pubmatic.com URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&schain=1.0,1!vidoomy.com,54345,1,1632821881992,, Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8 Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/showad.js? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers last-modified Tue, 15 Jun 2021 06:07:52 GMT etag "13006b6-974e-5c4c7cb53d8cb" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 13946 content-type text/html; charset=UTF-8 cache-control public, max-age=105489 expires Wed, 29 Sep 2021 14:56:12 GMT date Tue, 28 Sep 2021 09:38:03 GMT vary Accept-Encoding
GET H2	200	showad.js Show response ads.pubmatic.com/AdServer/js/ Frame FC60	38 KB 14 KB	22ms 21ms	Script text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/showad.js? Requested by Host: vpaid.pubmatic.com URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&schain=1.0,1!vidoomy.com,54345,1,1632821881992,, Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:03 GMT content-encoding gzip last-modified Tue, 15 Jun 2021 06:07:52 GMT server Apache/2.2.15 (CentOS) etag "13006b6-974e-5c4c7cb53d8cb" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control public, max-age=105489 accept-ranges bytes content-type text/html; charset=UTF-8 content-length 13946 expires Wed, 29 Sep 2021 14:56:12 GMT
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame F8FE	2 KB 3 KB	68ms 18ms	Script text/html	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93944851&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 17c4a21b2a63370b44d53ec45143384a25a3f685b1a10551c05c72d324e20149 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:03 GMT content-type text/html; charset=UTF-8 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	41ms 41ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=961285531&page-url=https%3A%2F%2Fask.fm%2Fbanjostove4487&rn=1027860570&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1632821883%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210928093803%3Au%3A1632821881983656102%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632821883 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT last-modified Tue, 28-Sep-2021 09:38:03 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 28-Sep-2021 09:38:03 GMT
GET H2	200	match Show response c1.adform.net/serving/cookie/ Frame EFBB Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&cid=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7 https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7	35 B 477 B	23ms 23ms	Document image/gif	37.157.2.238 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority c1.adform.net :scheme https :path /serving/cookie/match?CC=1&party=14&cid=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br cookie C=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Tue, 28 Sep 2021 09:38:03 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie uid=1206235595409733336; expires=Sat, 27 Nov 2021 09:38:03 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains Redirect headers server nginx date Tue, 28 Sep 2021 09:38:03 GMT content-length 0 location https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7 cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie C=1; expires=Thu, 28 Oct 2021 09:38:03 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame BF25 Redirect Chain https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3729764168184153385	42 B 210 B	14ms 14ms	Document image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3729764168184153385 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers :method GET :authority image2.pubmatic.com :scheme https :path /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3729764168184153385 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br cookie KADUSERCOOKIE=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7; chkChromeAb67Sec=1; DPSync3=1633996800%3A201_197_219%7C1632873600%3A174; SyncRTB3=1634083200%3A35%7C1633996800%3A220_161_8_7_3_21_13_54_56; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEPx7Et9Rr0RR-ca8LODc13Q&KRTB&16514-CAESEPx7Et9Rr0RR-ca8LODc13Q&KRTB&23025-CAESEPx7Et9Rr0RR-ca8LODc13Q; KRTBCOOKIE_57=22776-6812870236741216026; KRTBCOOKIE_153=19420-hGEs2NdiLoifZ32Pg2A02tNie9yfMXjThjPPt8d1&KRTB&22979-hGEs2NdiLoifZ32Pg2A02tNie9yfMXjThjPPt8d1; KRTBCOOKIE_27=16735-uid:68f16152-e27b-4c00-8de9-e9ae9f450b91&KRTB&16736-uid:68f16152-e27b-4c00-8de9-e9ae9f450b91&KRTB&23019-uid:68f16152-e27b-4c00-8de9-e9ae9f450b91&KRTB&23114-uid:68f16152-e27b-4c00-8de9-e9ae9f450b91; KRTBCOOKIE_391=22924-1391974889377494002&KRTB&23263-1391974889377494002; KRTBCOOKIE_377=6810-2fd51d7a-96e8-4dab-aed2-31c2d78e64f8&KRTB&22918-2fd51d7a-96e8-4dab-aed2-31c2d78e64f8&KRTB&23031-2fd51d7a-96e8-4dab-aed2-31c2d78e64f8; PugT=1632821883 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Tue, 28 Sep 2021 09:38:02 GMT content-type image/gif; charset=utf-8 content-length 42 set-cookie KRTBCOOKIE_336=5844-3729764168184153385; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 09:38:02 GMT; path=/ PugT=1632821882; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 28-Oct-2021 09:38:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 27-Dec-2021 09:38:02 GMT; path=/ x-lat amspug016:0:361 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control no-store, no-cache, private Redirect headers location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3729764168184153385 content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H2	200	usersync.aspx Show response dis.criteo.com/dis/ Frame 394B	43 B 334 B	61ms 17ms	Document image/gif	178.250.2.151 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers :method GET :authority dis.criteo.com :scheme https :path /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers date Tue, 28 Sep 2021 09:38:02 GMT content-type image/gif server Kestrel cache-control no-cache pragma no-cache expires Tue, 28 Sep 2021 00:00:00 GMT x-errorlevel 0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 656175
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame F8FE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4vdlZq3BT5-1Xc_Ez84rpw%3D%3D https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=	14 KB 14 KB	22ms 22ms	Image text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:03 GMT content-encoding gzip last-modified Tue, 15 Jun 2021 06:08:03 GMT server Apache/2.2.15 (CentOS) etag "1300708-3945-5c4c7cc02bd56" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=74540 accept-ranges bytes content-type text/html; charset=UTF-8 content-length 5054 expires Wed, 29 Sep 2021 06:20:23 GMT Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 272 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame F8FE Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6adf6152-e27b-4300-9bfc-c45e90cb58ce	0 260 B	86ms 15ms	Image text/plain	185.64.189.114 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6adf6152-e27b-4300-9bfc-c45e90cb58ce Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:02 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Tue, 28 Sep 2021 09:38:03 GMT Server MT3 3984 0e3af3b master zrh-pixel-x25 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6adf6152-e27b-4300-9bfc-c45e90cb58ce Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET H2	200	mw mwzeom.zeotap.com/ Frame F8FE Redirect Chain https://pixel.onaudience.com/?partner=214&mapped=E2F76566-ADC1-4F9F-B55D-CFC4CFCE2BA7 https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 https://pixel.onaudience.com/?partner=147&mapped=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8&icm https://spl.zeotap.com/?zdid=1332&zcluid=28be819b1bea199d https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7159e30b-39c0-4071-6f4c-fcb06e72f413&reqId=80e92764-d98c-4e88-6cc3-d5832b301960&zclui... https://mwzeom.zeotap.com/mw?google_gid=CAESENoO5vHlFO7UnXJmtscB4Cw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7159e30b-39c0-4071-6f4c-fcb06e72f413&reqId=80e92764-d98c-4e88-6cc3-d58...	95 B 164 B	44ms 19ms	Image image/png	2606:4700:10::ac43:db6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?google_gid=CAESENoO5vHlFO7UnXJmtscB4Cw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7159e30b-39c0-4071-6f4c-fcb06e72f413&reqId=80e92764-d98c-4e88-6cc3-d5832b301960&zcluid=28be819b1bea199d&zdid=1332 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:03 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://ads.pubmatic.com access-control-allow-credentials true cf-ray 695bff24fb344e61-FRA access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://mwzeom.zeotap.com/mw?google_gid=CAESENoO5vHlFO7UnXJmtscB4Cw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7159e30b-39c0-4071-6f4c-fcb06e72f413&reqId=80e92764-d98c-4e88-6cc3-d5832b301960&zcluid=28be819b1bea199d&zdid=1332 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 469 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame F8FE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTJGNzY1NjYtQURDMS00RjlGLUI1NUQtQ0ZDNENGQ0UyQkE3&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 340 B	76ms 14ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:01 GMT cache-control no-store, no-cache, private x-lat amspug019:0:353 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame F8FE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPx7Et9Rr0RR-ca8LODc13Q&google_cver=1	42 B 435 B	75ms 15ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPx7Et9Rr0RR-ca8LODc13Q&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:02 GMT cache-control no-store, no-cache, private x-lat amspug003:0:455 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPx7Et9Rr0RR-ca8LODc13Q&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame F8FE	43 B 610 B	79ms 19ms	Image image/gif	169.50.137.190 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.50.137.190 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS be.89.32a9.ip4.static.sl-reverse.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:03 GMT x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Mon, 27 Sep 2021 09:38:03 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame F8FE Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8	42 B 450 B	94ms 17ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:03 GMT cache-control no-store, no-cache, private x-lat amspug013:0:2240 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2fd51d7a-96e8-4dab-aed2-31c2d78e64f8 cache-control private,no-cache, must-revalidate content-type text/html content-length 313
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame F8FE Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO... https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1391974889377494002	42 B 234 B	14ms 14ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1391974889377494002 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:02 GMT cache-control no-store, no-cache, private x-lat amspug010:0:505 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT server nginx location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1391974889377494002 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame F8FE Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:68f16152-e27b-4c00-8de9-e9ae9f450b91&gdpr=0&gdpr_consent=	42 B 648 B	69ms 16ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:68f16152-e27b-4c00-8de9-e9ae9f450b91&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:02 GMT cache-control no-store, no-cache, private x-lat amspug011:0:480 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Tue, 28 Sep 2021 09:38:03 GMT Server MT3 3984 0e3af3b master zrh-pixel-x27 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:68f16152-e27b-4c00-8de9-e9ae9f450b91&gdpr=0&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 28 Sep 2021 09:38:02 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame F8FE Redirect Chain https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6812870236741216026&gdpr=0&gdpr_consent=	42 B 209 B	88ms 15ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6812870236741216026&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:02 GMT cache-control no-store, no-cache, private x-lat amspug005:0:369 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Pragma no-cache Date Tue, 28 Sep 2021 09:38:03 GMT X-Proxy-Origin 194.36.108.19; 194.36.108.19; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid a685076e-f7bc-4d88-a7b1-ab0b6aa82765 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6812870236741216026&gdpr=0&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame F8FE Redirect Chain https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hGEs2NdiLoifZ32Pg2A02tNie9yfMXjThjPPt8d1	42 B 424 B	24ms 15ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hGEs2NdiLoifZ32Pg2A02tNie9yfMXjThjPPt8d1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/showad.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:03 GMT cache-control no-store, no-cache, private x-lat amspug002:0:487 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hGEs2NdiLoifZ32Pg2A02tNie9yfMXjThjPPt8d1 cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 73 B	109ms 109ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=961285531&page-url=https%3A%2F%2Fask.fm%2Fbanjostove4487&rn=856503689&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632821884%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210928093803%3Au%3A1632821881983656102%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632821884 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 28 Sep 2021 09:38:03 GMT last-modified Tue, 28-Sep-2021 09:38:03 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 28-Sep-2021 09:38:03 GMT
GET H2	200	AdServerServlet vid.pubmatic.com/AdServer/ Frame FC60	27 B 0	192ms 102ms	XHR application/xml	185.64.190.75 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&schain=1.0,1!vidoomy.com,54345,1,1632821881992,,&us_privacy=&cb=1632821883333&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fbanjostove4487&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fbanjostove4487&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-28%209:38:3&ranreq=0.6720800627849446&timezone=0&depth=0 Requested by Host: vpaid.pubmatic.com URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&schain=1.0,1!vidoomy.com,54345,1,1632821881992,, Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:04 GMT content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" access-control-allow-origin https://ask.fm cache-control no-store, no-cache, private access-control-allow-credentials true x-vdbg 1:0/165:-1 content-type application/xml; charset=utf-8
POST H2	200	i Show response vid-io-cle.springserve.com/vd/ Frame 0D79	0 111 B	363ms 113ms	XHR text/plain	3.12.29.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vid-io-cle.springserve.com/vd/i?suuid=ebb7f5c5&ps_id=357265&batch=1 Requested by Host: vpaid.springserve.com URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.29.116 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-29-116.us-east-2.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ask.fm date Tue, 28 Sep 2021 09:38:04 GMT access-control-allow-credentials true server nginx content-length 0
GET H2	200	track aktrack.pubmatic.com/ Frame 0D79	0 61 B	54ms 20ms	Image text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632821883&wa=0&e=96&ier=901 Requested by Host: ask.fm URL: https://ask.fm/banjostove4487 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:04 GMT content-length 0 content-type text/html
OPTIONS H2	200	t t.lkqd.net/ Frame	0 0	96ms 96ms	Preflight text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Protocol H2 Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:04 GMT content-type text/plain; charset=UTF-8 content-length 0 access-control-allow-credentials true access-control-expose-headers Content-Type, Content-Disposition access-control-allow-headers Content-Type access-control-allow-methods GET, OPTIONS, POST cache-control max-age=300 access-control-max-age 300 access-control-allow-origin https://ask.fm
POST H2	200	t Show response t.lkqd.net/ Frame D675	0 158 B	95ms 95ms	XHR text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://ask.fm date Tue, 28 Sep 2021 09:38:04 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-length 0 content-type text/plain; charset=UTF-8
GET H2	200	ad Show response v.lkqd.net/ Frame 8E95	2 KB 2 KB	99ms 98ms	XHR application/xml	146.20.132.101 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=30986575&m= Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/formats.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.132.101 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash 662e93e74f685666b1a25539153471fe4cf9f6336723f531c001b5d19ec34d74 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:04 GMT content-encoding gzip server nginx content-type application/xml; charset=UTF-8 access-control-allow-origin https://ask.fm cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 1358
GET H2	200	vpaid.js Show response ad.lkqd.net/vpaid/ Frame 2E79	230 KB 61 KB	11ms 11ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/formats.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 28 Sep 2021 09:38:05 GMT content-encoding gzip last-modified Mon, 10 May 2021 16:09:54 GMT etag "18431b5d583ab7507824ab63424fc76a" x-hw 1632821885.cds003.fr8.hn,1632821885.cds107.fr8.c content-type application/javascript access-control-allow-origin * cache-control public, max-age=1209600 accept-ranges bytes content-length 62012
GET H2	200	usync.html Show response ad.lkqd.net/cookie-sync/ Frame 8D8B	4 KB 2 KB	10ms 9ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://ad.lkqd.net/cookie-sync/usync.html Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3 Request headers :method GET :authority ad.lkqd.net :scheme https :path /cookie-sync/usync.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 28 Sep 2021 09:38:05 GMT content-encoding gzip content-length 1868 content-type text/html last-modified Thu, 29 Jul 2021 21:50:27 GMT accept-ranges bytes etag "81f08e6987a7c8675462207e3514d72e" cache-control public, max-age=1209600 x-hw 1632821885.cds003.fr8.hn,1632821885.cds226.fr8.c access-control-allow-origin *
OPTIONS H2	200	ad v.lkqd.net/ Frame	0 0	94ms 94ms	Preflight	146.20.132.101 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=30986575&m=&rtv=1&thost=ask.fm Protocol H2 Server 146.20.132.101 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:05 GMT content-length 0 access-control-allow-origin https://ask.fm access-control-max-age 300 cache-control max-age=300 access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers Content-Type access-control-expose-headers Content-Type, Content-Disposition access-control-allow-credentials true
POST		ad v.lkqd.net/ Frame 2E79	0 0
GET		cs cs.lkqd.net/ Frame 8D8B	0 0
GET		cs cs.lkqd.net/ Frame 8D8B	0 0
GET		cs cs.lkqd.net/ Frame 8D8B	0 0
GET		cs cs.lkqd.net/ Frame 8D8B	0 0
GET		cs cs.lkqd.net/ Frame 8D8B Redirect Chain https://ad.turn.com/r/cs?pid=65 https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3295574637247455605	0 0
POST H2	200	t Show response t.lkqd.net/ Frame DB94	0 158 B	95ms 94ms	XHR text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Requested by Host: ad.lkqd.net URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://ask.fm date Tue, 28 Sep 2021 09:38:05 GMT cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server nginx content-length 0 content-type text/plain; charset=UTF-8
OPTIONS H2	200	t t.lkqd.net/ Frame	0 0	96ms 95ms	Preflight text/plain	146.20.128.131 RACKSPACE
General Check archive.org Show headers Download Go to Full URL https://t.lkqd.net/t Protocol H2 Server 146.20.128.131 , United States, ASN27357 (RACKSPACE, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 28 Sep 2021 09:38:05 GMT content-type text/plain; charset=UTF-8 content-length 0 access-control-allow-credentials true access-control-expose-headers Content-Type, Content-Disposition access-control-allow-headers Content-Type access-control-allow-methods GET, OPTIONS, POST cache-control max-age=300 access-control-max-age 300 access-control-allow-origin https://ask.fm
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	44ms 43ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=961285531&page-url=https%3A%2F%2Fask.fm%2Fbanjostove4487&rn=945670252&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632821885%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210928093805%3Au%3A1632821881983656102%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632821885 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 28 Sep 2021 09:38:05 GMT last-modified Tue, 28-Sep-2021 09:38:05 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 28-Sep-2021 09:38:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3223517043209527669

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3295574637247455605

Domain

t.lkqd.net

URL

https://t.lkqd.net/t

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3295574637247455605

Domain

match.prod.bidr.io

URL

https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=

Domain

v.lkqd.net

URL

https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fbanjostove4487&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=30986575&m=&rtv=1&thost=ask.fm

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain

cs.lkqd.net

URL

https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3295574637247455605