urlscan.io logo urlscan.io
SecurityTrails logo

ask.fm Open in urlscan Pro
193.138.77.145  Public Scan

Go To Rescan Add Verdict Report
URL: https://ask.fm/lycrastraw05
Submission: On September 19 via manual from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 11 countries across 109 domains to perform 333 HTTP transactions. The main IP is 193.138.77.145, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 15th 2021. Valid for: a year.
This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 193.138.77.145 395754 (ASK-FM)
6 52.222.206.223 16509 (AMAZON-02)
1 3.129.250.65 16509 (AMAZON-02)
3 35.201.96.133 15169 (GOOGLE)
3 14 77.88.21.119 13238 (YANDEX)
20 143.204.101.224 16509 (AMAZON-02)
5 52.222.250.165 16509 (AMAZON-02)
1 52.49.37.161 16509 (AMAZON-02)
8 151.139.128.11 20446 (HIGHWINDS3)
5 5 66.155.71.150 13768 (COGECO-PEER1)
2 4 34.254.143.3 16509 (AMAZON-02)
2 3 35.227.248.159 15169 (GOOGLE)
2 3.123.90.134 16509 (AMAZON-02)
2 4 99.86.4.12 16509 (AMAZON-02)
12 12 3.124.16.134 16509 (AMAZON-02)
3 34.98.67.61 15169 (GOOGLE)
10 11 213.19.147.44 3356 (LEVEL3)
6 8 13.248.242.197 16509 (AMAZON-02)
10 23 2.21.142.210 16625 (AKAMAI-AS)
7 146.20.132.147 27357 (RACKSPACE)
14 43 146.20.128.38 27357 (RACKSPACE)
14 15 142.250.185.130 15169 (GOOGLE)
3 47.252.78.131 45102 (CNNIC-ALI...)
3 3 8.2.110.134 46636 (NATCOWEB)
3 34.246.212.58 16509 (AMAZON-02)
5 5 46.228.164.11 56396 (AMOBEE)
8 146.20.128.41 27357 (RACKSPACE)
2 31.13.92.14 32934 (FACEBOOK)
1 172.217.16.136 15169 (GOOGLE)
1 18.66.97.70 16509 (AMAZON-02)
2 18.66.139.111 16509 (AMAZON-02)
2 23.111.211.20 7979 (SERVERS-COM)
2 172.217.16.142 15169 (GOOGLE)
1 31.13.92.36 32934 (FACEBOOK)
1 173.237.60.36 7979 (SERVERS-COM)
2 23.111.115.244 7979 (SERVERS-COM)
1 52.3.173.52 14618 (AMAZON-AES)
2 2 54.93.179.96 16509 (AMAZON-02)
8 8 34.253.137.48 16509 (AMAZON-02)
4 4 51.178.20.140 16276 (OVH)
1 1 54.159.9.91 14618 (AMAZON-AES)
1 1 46.228.164.13 56396 (AMOBEE)
1 1 34.248.156.174 16509 (AMAZON-02)
2 3 104.90.192.27 16625 (AKAMAI-AS)
3 4 151.101.194.49 54113 (FASTLY)
2 3 198.148.27.139 19189 (PULSEPOINT)
1 35.244.174.68 15169 (GOOGLE)
1 2 91.228.74.134 16509 (AMAZON-02)
3 52.16.151.94 16509 (AMAZON-02)
2 2 104.18.12.5 13335 (CLOUDFLAR...)
1 2 193.0.160.129 54312 (ROCKETFUEL)
1 1 34.107.184.81 15169 (GOOGLE)
1 1 54.175.198.118 14618 (AMAZON-AES)
2 2 52.209.129.133 16509 (AMAZON-02)
1 142.250.13.157 15169 (GOOGLE)
6 7 52.28.70.35 16509 (AMAZON-02)
5 7 212.82.100.176 34010 (YAHOO-IRD)
5 5 18.159.118.206 16509 (AMAZON-02)
3 8 3.126.56.137 16509 (AMAZON-02)
3 185.94.180.124 35220 (SPOTX-AMS)
1 35.186.236.204 15169 (GOOGLE)
4 37.157.4.28 198622 (ADFORM)
8 2.21.141.175 16625 (AKAMAI-AS)
2 23.111.115.172 7979 (SERVERS-COM)
1 151.101.193.229 54113 (FASTLY)
2 104.18.15.161 13335 (CLOUDFLAR...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 13 172.67.42.198 13335 (CLOUDFLAR...)
1 2.21.111.28 16625 (AKAMAI-AS)
6 14 185.33.221.88 29990 (ASN-APPNEX)
7 96.46.183.20 7979 (SERVERS-COM)
5 51.38.120.206 16276 (OVH)
1 147.75.38.124 54825 (PACKET)
1 185.86.138.121 201081 (SMARTADSE...)
1 2 35.244.159.8 15169 (GOOGLE)
2 205.185.216.42 20446 (HIGHWINDS3)
1 23.111.119.12 7979 (SERVERS-COM)
1 1 18.134.84.15 16509 (AMAZON-02)
5 5 185.29.134.248 30419 (MEDIAMATH...)
4 5 37.157.4.29 198622 (ADFORM)
2 5 209.54.177.54 16509 (AMAZON-02)
1 13.32.121.75 16509 (AMAZON-02)
1 80.64.106.149 20764 (RASCOM-AS...)
1 23.111.115.236 7979 (SERVERS-COM)
1 195.209.108.47 52007 (ADRIVER-AS)
1 35.186.238.232 15169 (GOOGLE)
6 92.223.103.5 199524 (GCORE)
1 2 188.34.131.130 24940 (HETZNER-AS)
1 192.96.200.41 30633 (LEASEWEB-...)
1 2 185.15.175.131 43226 (SAFEDATA ...)
1 185.94.180.125 35220 (SPOTX-AMS)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 213.155.156.185 1299 (TELIANET ...)
13 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
2 185.64.189.114 62713 (AS-PUBMATIC)
2 2 51.210.112.63 16276 (OVH)
1 159.253.128.183 36351 (SOFTLAYER)
5 213.180.204.90 13238 (YANDEX)
1 185.64.190.75 62713 (AS-PUBMATIC)
5 178.154.131.216 13238 (YANDEX)
1 3.128.15.210 16509 (AMAZON-02)
1 92.223.103.52 ()
1 92.223.103.191 ()
1 92.38.162.23 ()
1 92.38.138.42 ()
6 144.76.120.254 ()
2 52.28.33.143 ()
1 172.67.8.174 ()
2 151.101.65.108 ()
2 12 2.21.141.232 ()
2 2 3.123.96.39 ()
2 2 193.232.148.151 ()
4 4 72.251.249.14 ()
8 8 31.172.81.172 ()
1 151.236.71.19 ()
1 104.21.192.29 ()
1 1 35.186.193.173 ()
1 2 51.89.21.8 ()
1 7 178.162.133.149 ()
1 1 35.158.223.21 ()
1 185.33.221.89 ()
2 3 92.123.21.100 ()
1 1 85.114.159.118 ()
2 2 35.201.96.126 ()
1 185.64.190.87 ()
2 4 77.243.60.138 ()
1 104.22.25.87 ()
1 89.207.16.204 ()
1 1 178.62.202.251 ()
1 1 146.0.227.109 ()
1 52.85.49.127 ()
2 2 89.108.119.43 ()
1 1 31.172.81.158 ()
1 3 104.92.74.8 ()
1 69.173.144.139 ()
333 106
3    193.138.77.145 (Latvia)

ASN395754 (ASK-FM, US)
ask.fm
6    52.222.206.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-223.fra56.r.cloudfront.net
d3r6ceqp4shltl.cloudfront.net
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
3    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
colossalcoat.com
14    77.88.21.119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
20    143.204.101.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-224.fra50.r.cloudfront.net
d16vsmxl4d5tw1.cloudfront.net
5    52.222.250.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-165.fra60.r.cloudfront.net
dbq8hrmshvuto.cloudfront.net
1    52.49.37.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
8    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
5    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadm.exelator.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    3.123.90.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
a.vidoomy.com
4    99.86.4.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-12.fra6.r.cloudfront.net
sb.scorecardresearch.com
12    3.124.16.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-16-134.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
11    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
23    2.21.142.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
7    146.20.132.147 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
43    146.20.128.38 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
t.lkqd.net
15    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
3    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
3    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
3    34.246.212.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
c.deployads.com
5    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
8    146.20.128.41 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
2    31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net
connect.facebook.net
1    172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net
www.googletagmanager.com
1    18.66.97.70 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    18.66.139.111 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
2    23.111.211.20 (Russian Federation)

ASN7979 (SERVERS-COM, US)
viadata.store
2    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net
www.google-analytics.com
1    31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com
www.facebook.com
1    173.237.60.36 (United States)

ASN7979 (SERVERS-COM, US)
uscdn.viadata.store
2    23.111.115.244 (Russian Federation)

ASN7979 (SERVERS-COM, US)
logs.viadata.store
1    52.3.173.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-173-52.compute-1.amazonaws.com
rtb.adentifi.com
2    54.93.179.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-179-96.eu-central-1.compute.amazonaws.com
pm.w55c.net
8    34.253.137.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-137-48.eu-west-1.compute.amazonaws.com
sync.tidaltv.com
4    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
1    54.159.9.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-9-91.compute-1.amazonaws.com
media.sabio.us
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    34.248.156.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-156-174.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com
tags.bluekai.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
3    52.16.151.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-151-94.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    104.18.12.5 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    34.107.184.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.184.107.34.bc.googleusercontent.com
nxd.adhaven.com
1    54.175.198.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-198-118.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    142.250.13.157 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f157.1e100.net
stats.g.doubleclick.net
7    52.28.70.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-70-35.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
7    212.82.100.176 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
5    18.159.118.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-118-206.eu-central-1.compute.amazonaws.com
pixel.advertising.com
8    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    35.186.236.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com
x.vindicosuite.com
4    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
8    2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
2    23.111.115.172 (Russian Federation)

ASN7979 (SERVERS-COM, US)
cdn.viadata.store
1    151.101.193.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    104.18.15.161 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
13    172.67.42.198 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
1    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
14    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
7    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
5    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
vidoomy-d.openx.net
2    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
cdn.stickyadstv.com
1    23.111.119.12 (Russian Federation)

ASN7979 (SERVERS-COM, US)
pl.viadata.store
1    18.134.84.15 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-15.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
5    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.32.121.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-75.fra60.r.cloudfront.net
vpaid.springserve.com
1    80.64.106.149 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru
clientside-video-bidder.rutarget.ru
1    23.111.115.236 (Russian Federation)

ASN7979 (SERVERS-COM, US)
rtb-msk-2.viadata.store
1    195.209.108.47 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
1    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
6    92.223.103.5 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f22.moevideo.net
moevideo.biz
2    188.34.131.130 (Tann, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.130.131.34.188.clients.your-server.de
adx.com.ru
1    192.96.200.41 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
2    185.15.175.131 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
1    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
13    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
5    213.180.204.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
5    178.154.131.216 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net
yastatic.net
1    3.128.15.210 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-15-210.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
1    92.223.103.52 (None, )

ASN- ()
playreplay.me
1    92.223.103.191 (None, )

ASN- ()
thesame.tv
1    92.38.162.23 (None, )

ASN- ()
cs-0.moevideo.biz
1    92.38.138.42 (None, )

ASN- ()
playreplay.net
6    144.76.120.254 (None, )

ASN- ()
serving.stat-rock.com
2    52.28.33.143 (None, )

ASN- ()
ads-eu.v.ssp.yahoo.com
1    172.67.8.174 (None, )

ASN- ()
cdn.connectad.io
2    151.101.65.108 (None, )

ASN- ()
acdn.adnxs.com
12    2.21.141.232 (None, )

ASN- ()
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    3.123.96.39 (None, )

ASN- ()
ads.creative-serving.com
2    193.232.148.151 (None, )

ASN- ()
px.adhigh.net
4    72.251.249.14 (None, )

ASN- ()
ap.lijit.com
8    31.172.81.172 (None, )

ASN- ()
sync.bumlam.com
sync3.adsniper.ru
1    151.236.71.19 (None, )

ASN- ()
cache.betweendigital.com
1    104.21.192.29 (None, )

ASN- ()
ad4m.at
1    35.186.193.173 (None, )

ASN- ()
cm.ctnsnet.com
2    51.89.21.8 (None, )

ASN- ()
id5-sync.com
7    178.162.133.149 (None, )

ASN- ()
sync.go.sonobi.com
1    35.158.223.21 (None, )

ASN- ()
match.sharethrough.com
1    185.33.221.89 (None, )

ASN- ()
secure.adnxs.com
3    92.123.21.100 (None, )

ASN- ()
px.owneriq.net
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    185.64.190.87 (None, )

ASN- ()
aud.pubmatic.com
4    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
1    104.22.25.87 (None, )

ASN- ()
mwzeom.zeotap.com
1    89.207.16.204 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    178.62.202.251 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    146.0.227.109 (None, )

ASN- ()
inv-nets.admixer.net
1    52.85.49.127 (None, )

ASN- ()
api.intentiq.com
2    89.108.119.43 (None, )

ASN- ()
x01.aidata.io
1    31.172.81.158 (None, )

ASN- ()
sync3.sniperlog.ru
3    104.92.74.8 (None, )

ASN- ()
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    69.173.144.139 (None, )

ASN- ()
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
66 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net
233 KB
31 cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d16vsmxl4d5tw1.cloudfront.net
dbq8hrmshvuto.cloudfront.net
748 KB
27 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
aud.pubmatic.com
95 KB
25 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
158 KB
17 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
46 KB
17 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads-eu.v.ssp.yahoo.com
14 KB
16 doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
2 KB
13 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
2 KB
12 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
7 KB
12 bidswitch.net
x.bidswitch.net
6 KB
12 yandex.com
mc.yandex.com
3 KB
11 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
12 KB
9 adform.net
adx.adform.net
c1.adform.net
5 KB
9 viadata.store
viadata.store
uscdn.viadata.store
logs.viadata.store
cdn.viadata.store
pl.viadata.store
rtb-msk-2.viadata.store
192 KB
8 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
6 KB
8 tidaltv.com
sync.tidaltv.com
3 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 1rx.io
sync.1rx.io
5 KB
7 sonobi.com
sync.go.sonobi.com
9 KB
7 moevideo.biz
moevideo.biz
cs-0.moevideo.biz
619 KB
7 yandex.ru
mc.yandex.ru
an.yandex.ru
146 KB
6 bumlam.com
sync.bumlam.com
4 KB
6 stat-rock.com
serving.stat-rock.com
97 KB
6 turn.com
ad.turn.com
d.turn.com
3 KB
5 yastatic.net
yastatic.net
296 KB
5 amazon-adsystem.com
s.amazon-adsystem.com
3 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 onetag-sys.com
onetag-sys.com
3 KB
5 sitescout.com
pixel-sync.sitescout.com
4 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 lijit.com
ap.lijit.com
2 KB
4 spotxchange.com
search.spotxchange.com
sync.search.spotxchange.com
4 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 dyntrk.com
gu.dyntrk.com
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com
2 KB
4 exelator.com
loadm.exelator.com
3 KB
3 owneriq.net
px.owneriq.net
1 KB
3 criteo.com
gum.criteo.com
dis.criteo.com
928 B
3 bidr.io
match.prod.bidr.io
333 B
3 contextweb.com
bh.contextweb.com
1 KB
3 bluekai.com
tags.bluekai.com
1 KB
3 optad360.io
cmp.optad360.io
get.optad360.io
226 KB
3 deployads.com
c.deployads.com
853 B
3 krushmedia.com
cs.krushmedia.com
2 KB
3 clientgear.com
event.clientgear.com
398 B
3 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
3 mookie1.com
odr.mookie1.com
1 KB
3 tapad.com
pixel.tapad.com
1 KB
3 colossalcoat.com
colossalcoat.com
30 KB
3 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
7 KB
3 ask.fm
ask.fm
40 KB
2 aidata.io
x01.aidata.io
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 id5-sync.com
id5-sync.com
3 KB
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 adhigh.net
px.adhigh.net
822 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 onaudience.com
pixel.onaudience.com
719 B
2 de17a.com
d5p.de17a.com
637 B
2 digitaltarget.ru
dmg.digitaltarget.ru
1 KB
2 com.ru
adx.com.ru
625 B
2 springserve.com
vpaid.springserve.com
vid-io-cle.springserve.com
87 KB
2 openx.net
vidoomy-d.openx.net
756 B
2 4dex.io
script.4dex.io
22 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net Failed
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 quantserve.com
cms.quantserve.com
pixel.quantserve.com
812 B
2 w55c.net
pm.w55c.net
2 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 facebook.net
connect.facebook.net
68 KB
1 sniperlog.ru
sync3.sniperlog.ru
297 B
1 intentiq.com
api.intentiq.com
662 B
1 admixer.net
inv-nets.admixer.net
567 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 sharethrough.com
match.sharethrough.com
240 B
1 ctnsnet.com
cm.ctnsnet.com
412 B
1 ad4m.at
ad4m.at
1 playreplay.net
playreplay.net
332 B
1 thesame.tv
thesame.tv
332 B
1 playreplay.me
playreplay.me
332 B
1 simpli.fi
um.simpli.fi
610 B
1 aralego.com
ads.aralego.com
514 B
1 viralize.tv
ads.viralize.tv
302 B
1 adriver.ru
ad.adriver.ru
6 KB
1 rutarget.ru
clientside-video-bidder.rutarget.ru
687 B
1 fwmrm.net
1f2e7.v.fwmrm.net
511 B
1 smartadserver.com
prg.smartadserver.com
314 B
1 connectad.io
i.connectad.io Failed
cdn.connectad.io
1 a-mo.net
prebid.a-mo.net
164 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 vindicosuite.com
x.vindicosuite.com
759 B
1 stackadapt.com
sync.srv.stackadapt.com
594 B
1 adhaven.com
nxd.adhaven.com
244 B
1 rlcdn.com
idsync.rlcdn.com
66 B
1 demdex.net
dpm.demdex.net
566 B
1 sabio.us
media.sabio.us
235 B
1 adentifi.com
rtb.adentifi.com
88 B
1 facebook.com
www.facebook.com
313 B
1 googletagmanager.com
www.googletagmanager.com
35 KB
1 adsafeprotected.com
static.adsafeprotected.com
259 B
0 tns-counter.ru Failed
www.tns-counter.ru Failed
0 thrtle.com Failed
thrtle.com Failed
0 moe.video Failed
moe.video Failed
333 109
Domain Requested by
35 cs.lkqd.net 14 redirects ad.lkqd.net
23 ads.stickyadstv.com 10 redirects ask.fm
ad.lkqd.net
cdn.stickyadstv.com
vpaid.springserve.com
20 d16vsmxl4d5tw1.cloudfront.net ask.fm
16 t.lkqd.net ad.lkqd.net
15 cm.g.doubleclick.net 14 redirects
14 ib.adnxs.com 6 redirects get.optad360.io
vpaid.springserve.com
acdn.adnxs.com
12 x.bidswitch.net 12 redirects
12 mc.yandex.com 2 redirects ask.fm
mc.yandex.ru
11 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
8 ups.analytics.yahoo.com 3 redirects ssum-sec.casalemedia.com
8 sync.tidaltv.com 8 redirects
8 match.adsrvr.org 6 redirects ssum-sec.casalemedia.com
8 sync.1rx.io 7 redirects sync.quantumdex.io
8 ad.lkqd.net ask.fm
ad.lkqd.net
7 sync.go.sonobi.com 1 redirects sync.quantumdex.io
sync.go.sonobi.com
7 simage2.pubmatic.com ads.pubmatic.com
7 ads.betweendigital.com get.optad360.io
ads.betweendigital.com
7 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
7 ads.adaptv.advertising.com 6 redirects vpaid.springserve.com
7 v.lkqd.net ad.lkqd.net
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 sync.bumlam.com 6 redirects
6 serving.stat-rock.com get.optad360.io
6 image2.pubmatic.com ads.pubmatic.com
6 moevideo.biz ask.fm
moevideo.biz
6 d3r6ceqp4shltl.cloudfront.net ask.fm
d3r6ceqp4shltl.cloudfront.net
5 yastatic.net an.yandex.ru
5 an.yandex.ru ask.fm
an.yandex.ru
5 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 sync.mathtag.com 5 redirects
5 onetag-sys.com get.optad360.io
sync.quantumdex.io
5 pixel.advertising.com 5 redirects
5 ad.turn.com 5 redirects
5 pixel-sync.sitescout.com 5 redirects
5 dbq8hrmshvuto.cloudfront.net ask.fm
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
sync.go.sonobi.com
4 ap.lijit.com 4 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
sync.quantumdex.io
4 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
sync.quantumdex.io
4 adx.adform.net ad.lkqd.net
get.optad360.io
4 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
4 gu.dyntrk.com 4 redirects
4 sb.scorecardresearch.com 2 redirects ask.fm
4 loadm.exelator.com 2 redirects ads.pubmatic.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.com
blank
3 search.spotxchange.com ad.lkqd.net
3 match.prod.bidr.io ads.pubmatic.com
3 bh.contextweb.com 2 redirects sync.go.sonobi.com
3 tags.bluekai.com 2 redirects ads.pubmatic.com
3 c.deployads.com ad.lkqd.net
3 cs.krushmedia.com 3 redirects
3 event.clientgear.com ad.lkqd.net
3 sync.targeting.unrulymedia.com 3 redirects
3 odr.mookie1.com ask.fm
ads.pubmatic.com
sync.go.sonobi.com
3 pixel.tapad.com 2 redirects sync.go.sonobi.com
3 colossalcoat.com ask.fm
colossalcoat.com
3 ask.fm serving.stat-rock.com
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 x01.aidata.io 2 redirects
2 visitor.fiftyt.com 2 redirects
2 id5-sync.com 1 redirects sync.quantumdex.io
2 sync3.adsniper.ru 2 redirects
2 px.adhigh.net 2 redirects
2 ads.creative-serving.com 2 redirects
2 js-sec.indexww.com get.optad360.io
ssum-sec.casalemedia.com
2 acdn.adnxs.com get.optad360.io
2 ads-eu.v.ssp.yahoo.com
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 dmg.digitaltarget.ru 1 redirects
2 adx.com.ru 1 redirects
2 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
2 vidoomy-d.openx.net 1 redirects
2 gum.criteo.com get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 cdn.viadata.store ask.fm
2 bcp.crwdcntrl.net 2 redirects
2 p.rfihub.com 1 redirects
2 pm.w55c.net 2 redirects
2 logs.viadata.store
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 viadata.store d3r6ceqp4shltl.cloudfront.net
ask.fm
2 get.optad360.io d3r6ceqp4shltl.cloudfront.net
get.optad360.io
2 connect.facebook.net d3r6ceqp4shltl.cloudfront.net
connect.facebook.net
2 a.vidoomy.com ask.fm
2 mc.yandex.ru 1 redirects d3r6ceqp4shltl.cloudfront.net
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 sync3.sniperlog.ru 1 redirects
1 api.intentiq.com sync.go.sonobi.com
1 inv-nets.admixer.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 match.sharethrough.com 1 redirects
1 ms.quantumdex.io 1 redirects
1 cm.ctnsnet.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 cache.betweendigital.com ads.betweendigital.com
1 cdn.connectad.io get.optad360.io
1 playreplay.net moevideo.biz
1 cs-0.moevideo.biz moevideo.biz
1 thesame.tv moevideo.biz
1 playreplay.me moevideo.biz
1 aktrack.pubmatic.com
1 vid-io-cle.springserve.com vpaid.springserve.com
1 vid.pubmatic.com vpaid.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 sync.search.spotxchange.com
1 ads.aralego.com ask.fm
1 ads.viralize.tv ask.fm
1 ad.adriver.ru ask.fm
1 rtb-msk-2.viadata.store ask.fm
1 clientside-video-bidder.rutarget.ru ask.fm
1 vpaid.springserve.com ad.lkqd.net
1 1f2e7.v.fwmrm.net 1 redirects
1 pl.viadata.store ask.fm
1 prg.smartadserver.com get.optad360.io
1 prebid.a-mo.net get.optad360.io
1 htlb.casalemedia.com get.optad360.io
1 useast.quantumdex.io get.optad360.io
1 cdn.jsdelivr.net get.optad360.io
1 x.vindicosuite.com ad.lkqd.net
1 stats.g.doubleclick.net www.google-analytics.com
1 sync.srv.stackadapt.com 1 redirects
1 nxd.adhaven.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com
1 idsync.rlcdn.com
1 dpm.demdex.net 1 redirects
1 d.turn.com 1 redirects
1 media.sabio.us 1 redirects
1 rtb.adentifi.com
1 uscdn.viadata.store ask.fm
1 www.facebook.com
1 cmp.optad360.io d3r6ceqp4shltl.cloudfront.net
1 www.googletagmanager.com d3r6ceqp4shltl.cloudfront.net
1 static.adsafeprotected.com ask.fm
1 ads.vidoomy.com ask.fm
0 www.tns-counter.ru Failed
0 sync.crwdcntrl.net Failed sync.go.sonobi.com
0 thrtle.com Failed sync.go.sonobi.com
0 moe.video Failed moevideo.biz
0 i.connectad.io Failed get.optad360.io
333 154

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com
Subject Issuer Validity Valid
*.ask.fm
AlphaSSL CA - SHA256 - G2		 2021-09-15 -
2022-10-17		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
colossalcoat.com
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
ad.lkqd.net
R3		 2021-07-25 -
2021-10-23		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.clientgear.com
Go Daddy Secure Certificate Authority - G2		 2020-12-24 -
2022-01-25		 a year crt.sh
*.deployads.com
Amazon		 2021-06-04 -
2022-07-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
*.viadata.store
Sectigo RSA Domain Validation Secure Server CA		 2020-11-17 -
2021-11-27		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
mpp.vindicosuite.com
GTS CA 1D4		 2021-08-25 -
2021-11-23		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.springserve.com
Amazon		 2021-04-30 -
2022-05-29		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.rutarget.ru
Thawte RSA CA 2018		 2021-05-17 -
2022-06-17		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2019-10-21 -
2021-11-18		 2 years crt.sh
*.moevideo.biz
AlphaSSL CA - SHA256 - G2		 2021-04-27 -
2022-05-29		 a year crt.sh
*.adx.com.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-05-04 -
2022-05-04		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
dmg.digitaltarget.ru
R3		 2021-08-17 -
2021-11-15		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
bs.yandex.ru
Yandex CA		 2021-05-31 -
2021-11-29		 6 months crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
*.playreplay.me
AlphaSSL CA - SHA256 - G2		 2021-02-11 -
2022-03-15		 a year crt.sh
*.thesame.tv
AlphaSSL CA - SHA256 - G2		 2021-06-09 -
2022-07-11		 a year crt.sh
*.playreplay.net
AlphaSSL CA - SHA256 - G2		 2020-10-01 -
2021-11-02		 a year crt.sh
serving.stat-rock.com
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-08 -
2022-02-05		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.intentiq.com
Amazon		 2021-04-04 -
2022-05-03		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh

This page contains 43 frames:

Primary Page: https://ask.fm/lycrastraw05
Frame ID: DD262BAB04F35C0F9D432B6CF86929D8
Requests: 143 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 7A2A3B782F74AC83F74DCD56B15BEA77
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: C674918F4E7288A4490993E9EFA3B66F
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
Frame ID: E086DE0258F77BF52ED73F63EAFBA21D
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3E284EF870A8D4F99E8947890FBE96C1
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9F9209D9F14263F63DFD7ECDB0498B1B
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E0B2D6ABFD759FE62D6C9D9D6E4D2CC4
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1DD4E9C7758807DE8448326DEBF29AF4
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: FE27794D1D1B5B221ED5076F5D943743
Requests: 21 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 63F365400868CB47C582136142321424
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 75176D9CD118ECAE9CBF89090FC93C62
Requests: 5 HTTP requests in this frame

Frame: https://cdn.viadata.store/js/player/210830.js
Frame ID: DD3EBECF2A56632E5E92AD2665B623D1
Requests: 12 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 5033791026142B1422F5B3152291936E
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_44854a27.js
Frame ID: 723C447B27696EBC570682684CAA0A7B
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&schain=1.0,1!vidoomy.com,54345,1,1632048269690,,
Frame ID: D42254336AA4DD793D939C5CE2329059
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AF4E384179E600BEFF72E7A3D6716C5D
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F6956387-2234-4DCC-A664-B7F021559DFF
Frame ID: 78FCB05433236BCF355352B491562B4E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2010685131617161665
Frame ID: 2540F5F2BF3659DF7A236DC96C39D705
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7A06ADB38BFD4235CE2A585CD130EF6C
Requests: 1 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1709/vpaid/vpaid.min.js
Frame ID: F0D3B233A68D410BD9ADAE83AC713A62
Requests: 1 HTTP requests in this frame

Frame: https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
Frame ID: A80B2AA3ADDA1670319A09E043F1FC53
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 2338B65CFFAB315C6E44226CA1FA5B29
Requests: 2 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 200BC0C8B64DDD216497C0DF15684099
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 87D38E60B33CFBEB8FCF3074CDA3FB6E
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9F7EB7AF0CED0380E8F88C5BE84C1384
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: BA404BA636F59D2EA525DDA07CD820F3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1632048272932
Frame ID: E66CE41668DED943BE57A81F9BE9A56E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1632048270340
Frame ID: 7F9818DA625795D53BF1673D69734470
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5C65572B8BF9203BCF7DBF851BF2459B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C5B8C327F1BBEB558D21E47C81ACBB01
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B331EF5BF878CA516982583FD3EF3881
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 7866D300A10943F669EE0BFD80456D76
Requests: 11 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 70947BD6FE2CD83E1DE48DF9BFDC42ED
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F8717C27E03FC2435D3B0F66189A79D2
Requests: 10 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9e892092-e903-5306-ad7d-a9bfcc3abd31&CACHEBUSTER=75751
Frame ID: 8CD7CD14CB0B07AACB7BCCD17CB0D55D
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 12F2CFA2C651014FE79C47A5A731DE22
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 2B42505A71C27B8CA4382CF48E06B5D3
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 75C08D4F03DE101EDA3AA7506CA14D43
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 9EA62D4D046C7CC02C262C3EB9BC41C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7009593958061176981
Frame ID: 069D8A277EC2FC724FBF4B9C191EF4C6
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 0E23B5265152D9A34E2DDB28315E2F4A
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=F6956387-2234-4DCC-A664-B7F021559DFF
Frame ID: 7FBE4A09A75AEDD57B55165205374990
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 7053E5DB88079D9FD7E72A5AFCE0813E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Account Suspended - Ask.fm

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

333
Requests

98 %
HTTPS

0 %
IPv6

109
Domains

154
Subdomains

106
IPs

11
Countries

3232 kB
Transfer

8140 kB
Size

155
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9401.pnGcAikYK9Mi961lMGVd3-cgfza-fL5i49kFX2qNIRO3hTcUFPHzwJgK5mDRDJ1H.UYphlb2hhgKPORrEQ7Ho1rie2jM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9401.bPojp0JScTbDiQ_A375aKF8X-dB3VXdGuyIKnQlmekrY69gFrHysaKBSLs_BlL6DmLSMlByXmHuA5WB7V4A2-g%2C%2C.4aPmggkg_abnLJdt9u0tKBdsltM%2C
Request Chain 37
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A747%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A802044181640%3Ahid%3A168314377%3Az%3A0%3Ai%3A202109190104428%3Aet%3A1632048269%3Ac%3A1%3Arn%3A94775074%3Arqn%3A1%3Au%3A1632048269587269209%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632048267662%3Ads%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C97%2C4%2C%2C%2C%2C706%3Adsn%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C100%2C3%2C%2C%2C%2C707%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632048269%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A747%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A802044181640%3Ahid%3A168314377%3Az%3A0%3Ai%3A202109190104428%3Aet%3A1632048269%3Ac%3A1%3Arn%3A94775074%3Arqn%3A1%3Au%3A1632048269587269209%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632048267662%3Ads%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C97%2C4%2C%2C%2C%2C706%3Adsn%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C100%2C3%2C%2C%2C%2C707%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632048269%3At%3AAccount%20Suspended%20-%20Ask.fm
Request Chain 40
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Ded2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253Ded2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Ded2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Ded2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
Request Chain 41
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=954547&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632048268 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=954547&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632048268
Request Chain 42
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=6336512.3865259941882040986.8194181 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=6336512.3865259941882040986.8194181 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=vidoomy&gdpr=&gdpr_consent=
Request Chain 43
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8651987332 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8651987332 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e6d21897-77c4-4383-9f0a-fc391dcd53d0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
Request Chain 49
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=elVaY0x1bGJtSDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=elVaY0x1bGJtSDA&google_tc= HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
Request Chain 50
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Ooizg53MgUw
Request Chain 51
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=qH9kiAVY20g&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0043dd03-fec9-4359-a7a9-7c2cb21d8f48
Request Chain 52
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=mLZH1DsR1Ro
Request Chain 53
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3935393462290813528
Request Chain 54
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=d05FTjhiclpzV1E HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
Request Chain 55
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Jfa1ZtB_3K0
Request Chain 56
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=XOXPKuJxLCo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=a19dc026-d682-40f2-b9b2-582f0c5c4e70
Request Chain 57
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=9sv3qdPbOxM
Request Chain 58
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3575105492101173848
Request Chain 68
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=SmloZnM4SWYtMU0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
Request Chain 69
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Jihfs8If-1M
Request Chain 70
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=Jihfs8If-1M&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=da939857-8493-49f0-9a8e-0e27f15610e8
Request Chain 71
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=Jihfs8If-1M
Request Chain 72
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3575105492101173848
Request Chain 90
  • https://sync.1rx.io/usersync2/lkqd HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003&rndcb=1554849082 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6&google_hm=MzA5YjdmZTYtNzI4Mi00Nzk0LTgxYmUtMGJkODVkZDA0Y2I2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDlSM0N0GTxyGTkpYdCw8wg&google_cver=1&ssp=adconductor&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/309b7fe6-7282-4794-81be-0bd85dd04cb6?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
Request Chain 91
  • https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dlkqd%26bsw_param%3D309b7fe6-7282-4794-81be-0bd85dd04cb6 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dlkqd%26bsw_param%3D309b7fe6-7282-4794-81be-0bd85dd04cb6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=cGhfxgCM1MrUjb5&expires=30&ssp=lkqd&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=309b7fe6-7282-4794-81be-0bd85dd04cb6&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D309b7fe6-7282-4794-81be-0bd85dd04cb6%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253D309b7fe6-7282-4794-81be-0bd85dd04cb6 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=309b7fe6-7282-4794-81be-0bd85dd04cb6&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D309b7fe6-7282-4794-81be-0bd85dd04cb6 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=309b7fe6-7282-4794-81be-0bd85dd04cb6
Request Chain 92
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=e6d21897-77c4-4383-9f0a-fc391dcd53d0
Request Chain 93
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&gdpr=1&gdpr_consent=
Request Chain 94
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030001_6147148de301c&knw=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_6147148de301c
Request Chain 95
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2929066073851811149
Request Chain 96
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/9e53bc2a-b413-4b69-9bb8-aaae9d4067c9/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 97
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YUcUjQACtM9MRQAR HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YUcUjQACtM9MRQAR&_test=YUcUjQACtM9MRQAR
Request Chain 98
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=2gEDIch4uyZM&ev=1&pid=561322
Request Chain 102
  • https://a.tribalfusion.com/i.match?p=b30&u=Ooizg53MgUw&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=Ooizg53MgUw&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662189313244133
Request Chain 104
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ff0adb9d-f533-4871-baac-494f3e9d14cc
Request Chain 105
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=rdyLQCDWQitXDViO_ljYldiDct8
Request Chain 106
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
  • https://tags.bluekai.com/site/17724?id=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3Ded2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553%3Fhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253Ded2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3Ded2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3Ded2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
Request Chain 108
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1476296260&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA9196595a-1936-11ec-aa37-0257f42588d2?gdpr=0&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-mEwG1EBE2p46qH5ce6sozz_zexG4Pe7lEgVl~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-mEwG1EBE2p46qH5ce6sozz_zexG4Pe7lEgVl~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
Request Chain 110
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1765061027&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA90d3e422-1936-11ec-9b4e-06f94beed07d?gdpr=0&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-L2MJ7WBE2p7tO8gjFAodRjbtdevMuj4aGggJ~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-L2MJ7WBE2p7tO8gjFAodRjbtdevMuj4aGggJ~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
Request Chain 111
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjBlNWEwNDMtNjI4OS02MjhmLTQ3ODMtMWUwOGJhZjNmOWUx
Request Chain 112
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1687434424&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=54345&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA91723f68-1936-11ec-900f-06975d144474?gdpr=0&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-aRSVnWBE2p7r8Cpu.SYSYpDVJgXEZE1ys.Wx~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-aRSVnWBE2p7r8Cpu.SYSYpDVJgXEZE1ys.Wx~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
Request Chain 122
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=991917654&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA91756621-1936-11ec-b66c-068ca93f1b73?gdpr=0&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-EnLpL7xE2p4kkxr8BU9FhbChWGMt1p1gru00~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-EnLpL7xE2p4kkxr8BU9FhbChWGMt1p1gru00~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
Request Chain 138
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,,
Request Chain 159
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4c50b0259ffd9f3d63c8814f698bab&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0772_7009593949438367262 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGM1MGIwMjU5ZmZkOWYzZDYzYzg4MTRmNjk4YmFi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESECelEJRtQrBrXXwV5-1rZdE&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e6d21897-77c4-4383-9f0a-fc391dcd53d0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/4c50b0259ffd9f3d63c8814f698bab&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-KOr2.a5E2oMV1csvKhPsI9quO5ibLLtE5OVYUnZy~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7552174661885202278 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=a4566147-148f-4800-8abb-b8d07b7d6973&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1915452342602404608 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Request Chain 162
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGM1MGIwMjU5ZmZkOWYzZDYzYzg4MTRmNjk4YmFi&gdpr=0&gdpr_consent=
Request Chain 163
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4c50b0259ffd9f3d63c8814f698bab&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 174
  • https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fask.fm%2Flycrastraw05&uid=8b1f2123-6d83-4d8f-ad47-06de7104bd67&cbb=2048271005 HTTP 302
  • https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Flycrastraw05&rolltype=content-roll&uid=8b1f2123-6d83-4d8f-ad47-06de7104bd67&vpaid=false
Request Chain 176
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=8b1f2123-6d83-4d8f-ad47-06de7104bd67&i=1632048270 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=8b1f2123-6d83-4d8f-ad47-06de7104bd67&i=1632048270
Request Chain 188
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F6956387-2234-4DCC-A664-B7F021559DFF HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F6956387-2234-4DCC-A664-B7F021559DFF
Request Chain 189
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2010685131617161665
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9pVjhyI0TcymZLfwIVWd_w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 192
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=656e6147-148f-4c00-95ba-047d7d98c16c
Request Chain 193
  • https://pixel.onaudience.com/?partner=214&mapped=F6956387-2234-4DCC-A664-B7F021559DFF HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=06e18569725ef99b
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjY5NTYzODctMjIzNC00RENDLUE2NjQtQjdGMDIxNTU5REZG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB-ARIe0ebetWzlRQn5HYCE&google_cver=1
Request Chain 197
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6236202188917376246
Request Chain 198
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c4ee6147-148f-4400-bd1b-c0137ae18172&gdpr=0&gdpr_consent=
Request Chain 199
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e6d21897-77c4-4383-9f0a-fc391dcd53d0
Request Chain 200
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7552174661885202278&gdpr=0&gdpr_consent=
Request Chain 201
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F6956387-2234-4DCC-A664-B7F021559DFF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qdp5BV1E2uUk4czFqvgCWX3JKbOzdyM-~A&gdpr=0&gdpr_consent=
Request Chain 248
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1874170799&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1874170799&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=54345&hp=1&a.y_rid=ef842351-55b8-4d25-be40-492241ba44ec&a.is_yahoo=3&redirect_y=dHM9MTYzMjA0ODI3MzI5MC40NzkwMDQ6dXVpZD0iMjE2NTg3MDYxNzM0OTUxOTIwX19USU1FX18yMDIxLTA5LTE5KzAzJTNBNDQlM0EzMCI6YXBpZD1WQTkxNzU2NjIxLTE5MzYtMTFlYy1iNjZjLTA2OGNhOTNmMWI3MzpyZXF1ZXN0X2lkPWVmODQyMzUxLTU1YjgtNGQyNS1iZTQwLTQ5MjI0MWJhNDRlYw==
Request Chain 256
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1705485577&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1705485577&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=0b3245fb-a994-4d68-bffe-7e809b900348&a.is_yahoo=3&redirect_y=dHM9MTYzMjA0ODI3MzI4Ni4yMzA3MTM6dXVpZD0iMjE2NTg3MDYxNzM0OTUxOTIwX19USU1FX18yMDIxLTA5LTE5KzAzJTNBNDQlM0EzMCI6YXBpZD1WQTkxNzU2NjIxLTE5MzYtMTFlYy1iNjZjLTA2OGNhOTNmMWI3MzpyZXF1ZXN0X2lkPTBiMzI0NWZiLWE5OTQtNGQ2OC1iZmZlLTdlODA5YjkwMDM0OA==
Request Chain 270
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 271
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=309b7fe6-7282-4794-81be-0bd85dd04cb6 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=309b7fe6-7282-4794-81be-0bd85dd04cb6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4480dc6e-fe87-44d5-acba-ccec77bf627e&ssp=between&expires=30&user_group=5&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=309b7fe6-7282-4794-81be-0bd85dd04cb6
Request Chain 272
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7b3omNlOKAR.AikABlF7_ahZmQ
Request Chain 273
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=031335c8d552ed242f81a912
Request Chain 274
  • https://sync.bumlam.com/?src=bw1&uid=9e892092-e903-5306-ad7d-a9bfcc3abd31 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiRqZyKBlIFvp7KygpiJDllODkyMDkyLWU5MDMtNTMwNi1hZDdkLWE5YmZjYzNhYmQzMQ** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiRqZyKBlIFvp7KygpiJDllODkyMDkyLWU5MDMtNTMwNi1hZDdkLWE5YmZjYzNhYmQzMaIBEJOrCjgZNhHspukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABiRqZyKBmIkOWU4OTIwOTItZTkwMy01MzA2LWFkN2QtYTliZmNjM2FiZDMxogEQk6sKOBk2Eeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARiRqZyKBmIkOWU4OTIwOTItZTkwMy01MzA2LWFkN2QtYTliZmNjM2FiZDMxogEQk6sKOBk2Eeym6QAlkMgkNw** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=93ab0a38-1936-11ec-a6e9-002590c82437
Request Chain 276
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&dcc=t
Request Chain 277
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YUcUkdb7XbajWacn3am5dQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDFqeTomoQ_Ymc15KsMqfa4&google_cver=1&gdpr=1
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPxZmSt5ln91K5Y64jMoYN4&google_cver=1
Request Chain 281
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 283
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=407174d116544d388dfede98d8164bc5&expiration=1634640273
Request Chain 285
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2064%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7691283569 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2064/ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553?zcc=0&sspret=1&rndcb=7691283569
Request Chain 286
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-iGxdz7pE2uHWgo0kMiaXFqhCrdu83ZBQFLHeaHk-~A
Request Chain 287
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9359d251-acf6-449e-aa1f-7a3ab56ed05e
Request Chain 288
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7552174661885202278
Request Chain 289
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=VA91756621-1936-11ec-b66c-068ca93f1b73 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=VA91756621-1936-11ec-b66c-068ca93f1b73
Request Chain 290
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 291
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=4f993473-8b2c-4562-8833-87e9f4dbf18f
Request Chain 292
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7552174661885202278
Request Chain 293
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bf08edc6-a639-45b6-b095-52d4eb2b8e3a
Request Chain 294
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=031335c8d552ed242f81a912
Request Chain 305
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3575105492101173848
Request Chain 306
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a4566147-148f-4800-8abb-b8d07b7d6973&gdpr=1&gdpr_consent=
Request Chain 307
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6853346731919031008&uid=Q6853346731919031008&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 308
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&dcc=t
Request Chain 312
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7009593958061176981
Request Chain 315
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F6956387-2234-4DCC-A664-B7F021559DFF&addseg=10,33,39
Request Chain 316
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F6956387-2234-4DCC-A664-B7F021559DFF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F6956387-2234-4DCC-A664-B7F021559DFF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 318
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 320
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gRUpjYYQJd-aEHiLj0YwitUQeIiaFn7chhBTKUhF
Request Chain 321
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 323
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUcUjQACtM9MRQAR&gdpr=0&gdpr_consent=
Request Chain 324
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3575105492101173848&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 325
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&gdpr=0&gdpr_consent=
Request Chain 326
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:91d1afc0-34b6-4f2e-b5d1-cd4e9c3ec438&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 327
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3D309b7fe6-7282-4794-81be-0bd85dd04cb6%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=42f3481193e34a4c9aaa0052f81a14c3&ssp=between&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=309b7fe6-7282-4794-81be-0bd85dd04cb6
Request Chain 328
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=e6d21897-77c4-4383-9f0a-fc391dcd53d0&pubid=4d443a3ea2
Request Chain 329
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=sonobi&gdpr=0&gdpr_consent=
Request Chain 330
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=a4566147-148f-4800-8abb-b8d07b7d6973
Request Chain 331
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=82fcd8ef-9100-4893-8d59-9f3243213f28&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=THJMWjd3OHVHQnp0OTNQR2tldjVnZw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEBltiWxCgYZqiJzfyv0ZpKI&google_cver=1
Request Chain 332
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878973183544013
Request Chain 333
  • https://px.britepool.com/sync?p=sonobi&id=82fcd8ef-9100-4893-8d59-9f3243213f28&idtype=GOID&r=int.new.t HTTP 302
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=08c013a4-aef9-4ae2-90f5-ced9e1d513b8
Request Chain 334
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1512%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=21089159 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/1512/7552174661885202278?zcc=0&sspret=1&rndcb=21089159 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
Request Chain 335
  • https://id5-sync.com/s/434/9.gif?puid=82fcd8ef-9100-4893-8d59-9f3243213f28&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOfz9-6Tqkj5ZToyqZB5_CQzBHk6OyrzeR4JoKwQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOfz9-6Tqkj5ZToyqZB5_CQzBHk6OyrzeR4JoKwQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/916/8/2.gif?puid=299b64fe-b325-4b53-acf2-d0e8df68f841&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/441/7/3.gif?puid=e_0f3baa1e-3ab5-43ab-92b5-d7a47ffba00f&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOfz9-6Tqkj5ZToyqZB5_CQzBHk6OyrzeR4JoKwQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F6%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/434/124/6/4.gif?puid=299b64fe-b325-4b53-acf2-d0e8df68f841&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/146/5/5.gif?puid=87118e62-2909-4f94-9436-2ce91b33752c&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEPUhFo_47FO243AWp4bycR8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPUhFo_47FO243AWp4bycR8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7552174661885202278&opid=apx&ops=&utidl=tech:goo:CAESEPUhFo_47FO243AWp4bycR8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A20808168499&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/434/19/3/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ODJmY2Q4ZWYtOTEwMC00ODkzLThkNTktOWYzMjQzMjEzZjI4 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEFsFE_nARe_dEvtr7Xi3CT4&google_cver=1
Request Chain 338
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=82fcd8ef-9100-4893-8d59-9f3243213f28&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=82fcd8ef-9100-4893-8d59-9f3243213f28&sInitiator=external
Request Chain 340
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=93ab0a38-1936-11ec-a6e9-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=93ab0a38-1936-11ec-a6e9-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=wIQP1t5AYGseMgixBYNtKA& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=wIQP1t5AYGseMgixBYNtKA&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=wIQP1t5AYGseMgixBYNtKA&extra2=aidata&google_gid=CAESEO97b7dC2Zs1c8KScirO7hM&google_cver=1 HTTP 301
  • https://sync.bumlam.com/?src=ggl&extra1=wIQP1t5AYGseMgixBYNtKA&extra2=aidata&google_gid=CAESEO97b7dC2Zs1c8KScirO7hM&google_cver=1 HTTP 302
  • https://an.yandex.ru/setud/adsniper/3c894ceb9fb7c1b0?sign=2949398396
Request Chain 341
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

333 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set lycrastraw05
ask.fm/ 		12 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ask.fm/lycrastraw05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.145 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
a59cca72696c7253e4e87502491367e030a5a58de1faa41d18eb3258e9cf8448
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ask.fm
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Status
410 Gone
Cache-Control
no-cache
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Date
Sun, 19 Sep 2021 10:44:28 GMT
Set-Cookie
locale=de; path=/; expires=Mon, 19 Sep 2022 16:44:28 GMT uuid=95477300-0821-400f-8ddc-c005e63ddea4; path=/; expires=Mon, 19 Sep 2022 16:44:28 GMT; secure; HttpOnly country=DE; path=/; expires=Mon, 19 Sep 2022 16:44:28 GMT _m_ask_fm_session=aGR4allLcTBQbmRxUSt4MnVpSnE1WlBqakNWUjhaMTBjQ0JNbkNvRlVwSUpraEttbEpaTkhNZFJUVXpRWExiWGZQK2ZPdGI5eGpEdW52dXlZNVZJa01oUFJzRm5IOElRM3hseW1DRTlHL3VPSFRFZnl6ODVtRnJvMVkwWWRmZisyQUxBWHNva2JtK1NZeUV5cEg0VmJRK1JmRi9jc2hMSXVuVTZCVm1va3dua2h4aUUyWmdHQkVrQndqdU1mcFBDQkhuT0pqUzU3V29na2dzVHA3ZEhUODBtbEptem1PS1Aza05uc1hSMnZXQ3RaMUhranNxTU5kNmRIb1BzMVpoTS0tSE44dVJaV1UvRFlxSmdGelRWemovUT09--9a6505ae3fd032f43b0d596793ed134678b81628; path=/; expires=Wed, 22 Sep 2021 10:44:28 GMT; secure; HttpOnly
Server
Ask.FM Web Service
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
d3r6ceqp4shltl.cloudfront.net/assets/ 		184 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-223.fra56.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
64287b4c9a2645226cada97f6bbacf523f0a96db01c234df59b58c8b1e8367fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:08 GMT
content-encoding
gzip
vary
Accept-Encoding
age
771020
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Fri, 10 Sep 2021 12:31:16 GMT
server
Ask.FM Web Service
etag
W/"613b5014-2e006"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
7a24T9fGA66Uwvv7GT_I5n4O3epUsWeetavJ3YP_-MRL8OlRfby0jA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
d3r6ceqp4shltl.cloudfront.net/assets/ 		217 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-223.fra56.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
67eab82c51941ed21bedc57e9863fadaa5dbe7594a0768fb4fc1ccc77691ce24
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:08 GMT
content-encoding
gzip
vary
Accept-Encoding
age
771020
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Fri, 10 Sep 2021 12:31:22 GMT
server
Ask.FM Web Service
etag
W/"613b501a-363ac"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
8wPJthKg_s3IjXBwbXFDX7vUhzl4RYrvB_tnLa3Vyv9o2A7MV8_qiA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
askfm_4249.js
ads.vidoomy.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/askfm_4249.js
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
fc35b6a76bb702a8e0aa388cf7382965c14420dbe7399dbddab0941b33c4eb82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:28 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5938
account-suspended.gif
d3r6ceqp4shltl.cloudfront.net/images/errors/ 		380 KB
380 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-223.fra56.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 15:38:28 GMT
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
age
2747160
x-cache
Hit from cloudfront
content-length
388641
last-modified
Wed, 18 Aug 2021 12:19:47 GMT
server
Ask.FM Web Service
etag
"611cfae3-5ee21"
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
max-age=315360000, public
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
z_LdxY1qM9c339QE-2NpLA5mFZ4K2u0FiZk63wAmepe2KFBnDmmhhg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
colossalcoat.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ae6b6597b5dbeb4d943924484c1bbace158b755e4f13b1527bf4e66860e0d73c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"7796c0b3069549379f0bb7e2e12b057a0e4c4c779190a66b7178ee145e3c6d43"
vary
Accept-Encoding, Accept-Language
x-hostname
a26589ac
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sun, 19 Sep 2021 10:44:28 GMT
timing-allow-origin
*
tag.js
mc.yandex.ru/metrika/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8a9820e7a05173822b9285ee2c2815e16b058bd2c40bc7ca8ba5387f7a6840ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:28 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 17:17:01 GMT
etag
"614349a8-1031b"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66331
expires
Sun, 19 Sep 2021 11:44:28 GMT
551620.jpg
d16vsmxl4d5tw1.cloudfront.net/9db/27005/611a/4e58/acc3/387a15a69fc9/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/9db/27005/611a/4e58/acc3/387a15a69fc9/thumb/551620.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eae97793e78261613f01b2fd2ba98c6ed748ceb1741d47c38b12127940df136f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:07 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Fri, 25 May 2018 10:23:58 GMT
server
AmazonS3
age
22
etag
"4e9be8471883d9d210d993025fb4ffda"
x-cache
Hit from cloudfront
x-amz-version-id
.0colUn1LWrK486IhIZdKQ3AjeNjIPdh
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
4459
x-amz-cf-id
SCGnlky3K4Kc68YQV70vGsxzZ6gH4uQlOpU6MWD_LA6RRXd9kRULtw==
15127.jpg
d16vsmxl4d5tw1.cloudfront.net/a4e/81e8a/9bc9/443e/bfd0/065e7b18c5a9/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/a4e/81e8a/9bc9/443e/bfd0/065e7b18c5a9/thumb/15127.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29fd98e701df1e6eb21877660f19fceb13f2503b1285a9b8b5339387f4221b36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:34:00 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Sun, 06 Oct 2019 14:35:51 GMT
server
AmazonS3
age
629
etag
"ae45f1669d53ae2a37dfcf5836fdf2e2"
x-edge-origin-shield-skipped
0
x-amz-version-id
UM9LM3vicgpqTlhzz6MhiSvtv1FIkK5u
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2406
x-amz-cf-id
-qDdR6dQgytZKA8SLy6KVx6M9r3PT6cvP3Ip6kZucIPscxvLw1yLDw==
3944179.jpg
d16vsmxl4d5tw1.cloudfront.net/8a4/0a85f/7276/4cc4/bda0/89d19bacf02b/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/8a4/0a85f/7276/4cc4/bda0/89d19bacf02b/thumb/3944179.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
faf7d60b05dcf53516a1bfc1b8f3e2e4906d7496a26376bf2c4ba03abb957eb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 02:53:38 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Sat, 16 Sep 2017 23:28:12 GMT
server
AmazonS3
age
28251
etag
"507934e6e4a0ac503678d87d4c8921bd"
x-cache
Hit from cloudfront
x-amz-version-id
JELdrFXM1M0XIBkodbu8lj_Ot6S_7kqZ
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
4580
x-amz-cf-id
WrzaBMvkmM_dTySzR50eLvA1NQgoswaL6_biwW05G7GNaR-YKZ8ReQ==
45598.jpg
dbq8hrmshvuto.cloudfront.net/d49/31004/057d/4dde/8960/521ce9a6c920/thumb/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/d49/31004/057d/4dde/8960/521ce9a6c920/thumb/45598.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-165.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cd195601e09b99f750a06fc080e51c657cb34fc25fd02f654d219c2dcf1423c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 20:34:00 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jan 2020 18:10:52 GMT
server
AmazonS3
age
51029
etag
"e35274d3d1c794f0146f7613999ee170"
x-cache
Hit from cloudfront
x-amz-version-id
L_0a0f.n9qwuQtTKfOHq0h..o2_zwwBd
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
5630
x-amz-cf-id
Xr9hsEtDmOxnlG875Xq5U134a8YwLJ3yb6NPhTFnI4TEXUDfMq41qQ==
7385.jpg
d16vsmxl4d5tw1.cloudfront.net/3b2/c6534/00c9/487d/a9f7/85eef5bd011f/thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/3b2/c6534/00c9/487d/a9f7/85eef5bd011f/thumb/7385.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d10c0a4f06fd57f9cb66c5e491e735f39b3e42370aba499c167ba710dee2736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:38:34 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Wed, 02 Oct 2019 19:57:50 GMT
server
AmazonS3
age
355
etag
"60baec3ddd7b52033aa8840458578702"
x-cache
Hit from cloudfront
x-amz-version-id
klhmdDJaojIkdaH6wTz0ottvlL0akkx1
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3432
x-amz-cf-id
JvKEaGh8--I9Tjvm_i_Nv3e97zGZXvcFxkSTsgaKwRa7s2rXwyez6Q==
16108.png
dbq8hrmshvuto.cloudfront.net/d8e/568df/52ba/4208/a2cc/236c9d824408/thumb/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/d8e/568df/52ba/4208/a2cc/236c9d824408/thumb/16108.png
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-165.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a9be8bfc8419ebe2537d3f167ad5587714482dee40c092558b802710ac0a989

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 17:14:52 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified
Tue, 07 Sep 2021 08:22:36 GMT
server
AmazonS3
age
62977
etag
"fc71fcd7e30e510df9fc71dc4971a2c4"
x-cache
Hit from cloudfront
x-amz-version-id
4hIJ7PAP90zeXL7.UufLZjGObnlpLuXg
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
15018
x-amz-cf-id
t9HK8_BkDmuLjb2zPHLx811Mp1TnPMnoRGWKo1vR2p6pfeCAiRCpzA==
313727.jpg
d16vsmxl4d5tw1.cloudfront.net/6df/09cb3/8cca/4f7d/b84d/6d192d733c18/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/6df/09cb3/8cca/4f7d/b84d/6d192d733c18/thumb/313727.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92345f3e8fd3a1799dd256ab4a4ac5abb4fb44a733796defe8c694ebc00fde59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:07 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Sat, 12 May 2018 16:09:42 GMT
server
AmazonS3
age
22
etag
"d32c5fc34087e3a0c23f9dad93c2a643"
x-cache
Hit from cloudfront
x-amz-version-id
yGdJuJsxiyCmgiX_3mMZFLM1kzKTXMRd
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
4371
x-amz-cf-id
ZYpm1fmTIKZNRqfQPuA6XPLhjHcJeqGc8WgtPeTpS76bNsX45rWb8w==
photo.jpg
dbq8hrmshvuto.cloudfront.net/assets2/033/822/569/472/normal/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/assets2/033/822/569/472/normal/photo.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-165.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0aa30a272e507b84107d5fde0d3520d6ba45266a7140e33d87397ee9fe87e19d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 15:51:29 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jun 2014 03:04:52 GMT
server
AmazonS3
age
67980
etag
"f992fd3ed84f9fbfc07b3dd3166de9a5"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
62611
x-amz-cf-id
X9kXIbx39Ihg_2U1le9tVGB9DR9muDr3_gZmaokqJAOd0qCdwWzYlQ==
expires
Mon, 01 Jan 2024 00:00:00 GMT
206067.jpg
d16vsmxl4d5tw1.cloudfront.net/d49/384f3/ca35/42fd/a764/a7414d901462/thumb/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/d49/384f3/ca35/42fd/a764/a7414d901462/thumb/206067.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24520828af527af21f4bfa4b53d2f0b98633c6ee0f067d3fb8660ad0bd848aa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Sat, 03 Nov 2018 01:12:40 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"10626902c9760305ed6232fb15f8f3d2"
x-cache
Miss from cloudfront
x-amz-version-id
hcKAX0I63wsKoleU1v.ACQWaNNSHSe0o
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5002
x-amz-cf-id
lT6S3efUyhw9uweMt0mtngnm8cR1j_WPuAnDHCuT8pSkO-LbBaadFw==
134270.jpg
d16vsmxl4d5tw1.cloudfront.net/2c8/dc5af/604f/4ed0/8a22/d14bd66cefcc/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/2c8/dc5af/604f/4ed0/8a22/d14bd66cefcc/thumb/134270.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e8cf878439fe3eeac2af6117e89c70c9171ed5b8d91280fdaa90eb507bcc14c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 14:16:05 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Tue, 02 Oct 2018 04:51:15 GMT
server
AmazonS3
age
73704
etag
"26d68ad2fbab9b16fc8794fd3b92556f"
x-cache
Hit from cloudfront
x-amz-version-id
2PX3fCHcMWlU.eWr.3.BwW1PCiulL4sj
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2581
x-amz-cf-id
OBQdIOGZFntUyHo4OrnIfXJO344N0PWCZm1A3m3QlSnJiCvXoDlO-g==
58244.jpg
d16vsmxl4d5tw1.cloudfront.net/241/bedaf/de32/4094/9b7d/4b48c0ddd569/thumb/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/241/bedaf/de32/4094/9b7d/4b48c0ddd569/thumb/58244.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46dc458344b1457dd37d1d26b7abd0805791375c213d5b3dd3028d57c8272d40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Wed, 20 Nov 2019 09:00:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"aaadd1fd9a4143ae624ddaeae7442180"
x-cache
Miss from cloudfront
x-amz-version-id
m340o7LRpIZGDhZXavGmY1qTGnDvtorJ
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/jpeg
content-length
5200
x-amz-cf-id
GxIb3XR1_cQuMKgD1-mnj6OZPp79IUXXWtJ0Jsw-cNGJZsGBWogSYQ==
220592.jpg
d16vsmxl4d5tw1.cloudfront.net/1dd/c0790/8cc7/4a05/b320/0bb0a7766236/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/1dd/c0790/8cc7/4a05/b320/0bb0a7766236/thumb/220592.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da6bbf37241c9e0c4835441b408a729531bce734425a6b6692d33da138c19e19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 20:45:25 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Thu, 29 Nov 2018 17:10:15 GMT
server
AmazonS3
age
50343
etag
"aa14e2d2568d8946bd4597b0284785ce"
x-cache
Hit from cloudfront
x-amz-version-id
Vbvje_3WcqLP2li9m.VZsuhJHmtBqzz_
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2285
x-amz-cf-id
OPvNwnafTpi70Q4nrv5CuE4AhZIXtvoJYrrZX9AXQnEEbftpgs3F-Q==
16506.jpg
d16vsmxl4d5tw1.cloudfront.net/c98/21aa4/6a59/4ceb/ad4e/51d9bb7e63ce/thumb/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/c98/21aa4/6a59/4ceb/ad4e/51d9bb7e63ce/thumb/16506.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37dc6349b0c7e3f0136a63ca4d6fb646599963eaac9595a1e93927f6196af734

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
EXru9QaTe9TIXpe3mKGD8fd9xhjMn.B6
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Mon, 04 Nov 2019 22:21:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"28566c8e6245167caadc044079eb7c1d"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sun, 19 Sep 2021 10:44:29 GMT
accept-ranges
bytes
content-length
4788
x-amz-cf-id
1dxQTROpa-kbACF_cSMpK9IOFasVimZC4hFPxqH5Hw26Kpk8BM8A2g==
200750.jpg
d16vsmxl4d5tw1.cloudfront.net/110/4de6e/1441/48fd/a4b5/de5e4adeab13/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/110/4de6e/1441/48fd/a4b5/de5e4adeab13/thumb/200750.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
103574d6ba5bb76a44dc4a2820c2b48a3cc8e53aec735ce81d7537ac1312d107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 17:55:14 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Fri, 27 Sep 2019 00:15:32 GMT
server
AmazonS3
age
60554
etag
"7db3b5d3b02e65bc9e00ee9d2f0bb9ab"
x-cache
Hit from cloudfront
x-amz-version-id
ShVustbS4FFr0zdM2MTOCsx_uQLMr9rI
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2271
x-amz-cf-id
JJTGq5zdlyio960ls0WoA7Sgia4iD20eL-kV9_AdmEmnQgS4B707zw==
250933.jpg
d16vsmxl4d5tw1.cloudfront.net/ac9/61bbf/d5ea/4737/84e6/9a9941742928/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/ac9/61bbf/d5ea/4737/84e6/9a9941742928/thumb/250933.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a00cf65999cec39f3cccd0aafebf075a26b3418a7e63de815b4c63f188bab71a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Wed, 09 May 2018 09:13:24 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"91e74df5b2f592f751a38889000370f3"
x-cache
Miss from cloudfront
x-amz-version-id
4kUg4O1Gp_IRB02q5IGGRR7YFT_4d7Al
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2747
x-amz-cf-id
2SCMAkt5CwJofSRqIWemttarrN41ukE4Mdn9G-J7YEGWm8DC7X3gOg==
39329.jpg
d16vsmxl4d5tw1.cloudfront.net/551/5cdd1/4e81/4809/ab94/7a637e3683b2/thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/551/5cdd1/4e81/4809/ab94/7a637e3683b2/thumb/39329.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
777bdd612275969868adc85cd970c0bf400897e46021fe666b547bbf946f5a3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Sat, 28 Sep 2019 10:37:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"9b6d25e0426b2a5abfb06296b188f47f"
x-cache
Miss from cloudfront
x-amz-version-id
5MbM9bwlbrR5vMGWK7KgBGqE1BMePd2R
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/jpeg
content-length
3413
x-amz-cf-id
vdEgv_PR-YQvL4pN0VaEYiUPzFCoWIGm-ClH22JntrrozSDmUVku3Q==
9668.jpg
d16vsmxl4d5tw1.cloudfront.net/807/60bf3/f1c8/4062/ba98/95d9226cc894/thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/807/60bf3/f1c8/4062/ba98/95d9226cc894/thumb/9668.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b284f4f7a795580338fa3c7e56e5d34d3da02e3c0949754741acc62789f9b743

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 14:16:05 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Tue, 03 Dec 2019 18:02:17 GMT
server
AmazonS3
age
73704
etag
"a22598b2fa758e046def0c261f710ebe"
x-cache
Hit from cloudfront
x-amz-version-id
smG_8aFq_wEXm5PLpTDoKXmWHqL9pvgx
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3376
x-amz-cf-id
bmco1ul6jUKkoFpadb-w_PLZiYXJda-jiLd76BSxUImqVvOb5fv9Uw==
1459624.jpg
d16vsmxl4d5tw1.cloudfront.net/69e/eeea5/7247/45c8/a6e6/a0c7543eeaeb/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/69e/eeea5/7247/45c8/a6e6/a0c7543eeaeb/thumb/1459624.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0012ac0ff25413fc10aee0f5c3a50b5a8fb7e60a9e8ffd100e1ac7423ac230d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Fri, 28 Dec 2018 20:55:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"5d0650a5441923334011205159d7d174"
x-cache
Miss from cloudfront
x-amz-version-id
dhDGDTUW32b6.MlGcPjRzYjbKb16YPXv
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/jpeg
content-length
3853
x-amz-cf-id
cgDaSPl831JdRr74pl_VW7MYe_u7SmvTKOj8FH9Ax3z3hnTBpqLjiw==
20510.jpg
d16vsmxl4d5tw1.cloudfront.net/240/1d1e5/607c/4d49/9ae6/4f9a8c86d3a2/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/240/1d1e5/607c/4d49/9ae6/4f9a8c86d3a2/thumb/20510.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fa53953fd497042fca425fdb560a6969517844da28633e0775b27466423edb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 01:51:23 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Thu, 15 Aug 2019 19:08:52 GMT
server
AmazonS3
age
31986
etag
"9603f63fb58d6081710d71690aad6d22"
x-cache
Hit from cloudfront
x-amz-version-id
l8MOQ.m67FDm69maszHYMXEdpZKdTK4h
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
1840
x-amz-cf-id
9SwOp4YYbdXz9ko_SQjluGzyklkMXHuHhOBAYDAWACsilGXJsc00Hw==
8937.jpg
d16vsmxl4d5tw1.cloudfront.net/c07/0df07/5483/4347/a210/b3cb1eb7b8e6/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/c07/0df07/5483/4347/a210/b3cb1eb7b8e6/thumb/8937.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc274b274277e16849345b55e1f7f726dd2af16df68aac563da65364c5acdd0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Fri, 15 Nov 2019 03:11:51 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"a1db771e3a9c12940dd2b89753d28085"
x-cache
Miss from cloudfront
x-amz-version-id
xfbPVficJQvLEa_c6gdT5qRFaHGztM7V
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
1976
x-amz-cf-id
yHVRw33AXTFuq5P_K5Pd4cL8VwRBVnLHxSu5YRy_XRiziooZKGCH2Q==
38721.jpg
dbq8hrmshvuto.cloudfront.net/f43/3e990/9f33/4b01/b344/7cb5f8dedad8/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/f43/3e990/9f33/4b01/b344/7cb5f8dedad8/thumb/38721.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-165.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd7534b74da675c6894627f9037f0f37f79ed31cc23d0b1087c53c5b0d1ef793

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified
Thu, 16 Apr 2020 23:50:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"9bb07f3f42ae6f806ee8fbc05d2e94f7"
x-cache
Miss from cloudfront
x-amz-version-id
6rOWn6JlgpVK4XBGUy8xLjKmFy_UXtIb
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/jpeg
content-length
4311
x-amz-cf-id
uO2s7-w_C2XU4l2qMhgbjDaR1x3E7gm4im2UdM8YrfmKhTso8x4tgw==
158832.jpg
d16vsmxl4d5tw1.cloudfront.net/259/aa980/586c/4421/842f/798744e0ff3f/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/259/aa980/586c/4421/842f/798744e0ff3f/thumb/158832.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f50650870c808b86b5ec8ede776f7660b070cd57938f2be1cb2647ebe7c6fd2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AcqgzvHAf98f6QIxAXAirqG7vmd3Gkpo
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Wed, 21 Nov 2018 14:24:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"c3b8e1e867911015e6053f1e34fd2dc5"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sun, 19 Sep 2021 10:44:28 GMT
accept-ranges
bytes
content-length
2175
x-amz-cf-id
hzsSt8IJEZZujqR7VHcstNCZGMWmLfduBAg8cEX-7SJ4Gt2Uk8zRXg==
88003.jpg
d16vsmxl4d5tw1.cloudfront.net/21c/ed8ad/5a5c/4775/91ca/15cc3169d3e1/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/21c/ed8ad/5a5c/4775/91ca/15cc3169d3e1/thumb/88003.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cc6e868a54fc5204b1fe4b960dedddabf6b6254952e5b8f9bd018edef3dcb50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 18:02:27 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Fri, 06 Sep 2019 08:38:41 GMT
server
AmazonS3
age
60122
etag
"d32ff2fd4201e9361a90d1b70b73ff27"
x-cache
Hit from cloudfront
x-amz-version-id
Ulhr5hR9J_JKM5LpdFWBBJfl1YbJ3fH6
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2681
x-amz-cf-id
OcbXLdakOTPKpegKk3ZvVW9VJUSXvjzffOo7pDTAb4RZNCqhZ6G4Zw==
45234.jpg
d16vsmxl4d5tw1.cloudfront.net/d43/4229f/5db9/49d3/8bd9/76cec119c0dc/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/d43/4229f/5db9/49d3/8bd9/76cec119c0dc/thumb/45234.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
475e1030c91148f296928cd904368353e0d0ba1f7d5ae7019dad9e3f37c02954

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 14:18:45 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
last-modified
Mon, 03 Sep 2018 11:26:29 GMT
server
AmazonS3
age
73544
etag
"6f83cdef9fd65355f23d56dd498ea583"
x-cache
Hit from cloudfront
x-amz-version-id
eNuf9xJ6KE6C7scM9Za.duvGUdxTxhRZ
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3875
x-amz-cf-id
ubm4yw9N8osMnl7ZiijR-8_XY2LM5K3gabzG85cXfGjBsb-hoGR5Lw==
65451.jpg
dbq8hrmshvuto.cloudfront.net/fda/f5dba/62c6/44da/9ea8/54f60193d4e9/thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/fda/f5dba/62c6/44da/9ea8/54f60193d4e9/thumb/65451.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-165.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6140b5825a17e761bd661114496469788b01f3213d98fa10d36becb52c250fff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 15:32:54 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
last-modified
Mon, 10 Aug 2020 03:13:47 GMT
server
AmazonS3
age
69095
etag
"919f799192d6b4082000cb415905947b"
x-cache
Hit from cloudfront
x-amz-version-id
IRd2D7Y5MdRxDuOWIH7bIPUFL.UlANRD
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
3545
x-amz-cf-id
qRjV448SjYmvRBqFjcybBER_sftueJBhANBnKTKwOM_o2v6nPgm6EA==
fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-223.fra56.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 4360596ad590d8363ce70eb7bf282e43.cloudfront.net (CloudFront)
age
771019
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
17880
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-45d8"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
669KDl2E7TrLG_lzfBS6sFVRQQaaVP8YrsPpWMoO2CEWqXaoxw_9Gw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-223.fra56.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 4360596ad590d8363ce70eb7bf282e43.cloudfront.net (CloudFront)
age
771019
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
25400
last-modified
Fri, 10 Sep 2021 12:31:22 GMT
server
Ask.FM Web Service
etag
"613b501a-6338"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
0yKfQQVK_zET851ftGDhPs3Qz0EqsvYPiBwPjmDfmr8xTXdA9BwlZQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-223.fra56.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 4360596ad590d8363ce70eb7bf282e43.cloudfront.net (CloudFront)
age
771019
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
52204
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-cbec"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
HXKNU8rKfycbkL2qn5XVeUYm1PCWYfhk10E2-nOW8MDVmmstfOdLYg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:28 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
16115587
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9401.pnGcAikYK9Mi961lMGVd3-cgfza-fL5i49kFX2qNIRO3hTcUFPHzwJgK5mDRDJ1H.UYphlb2hhgKPORrEQ7Ho1rie2jM%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9401.bPojp0JScTbDiQ_A375aKF8X-dB3VXdGuyIKnQlmekrY69gFrHysaKBSLs_BlL6DmLSMlByXmHuA5WB7V4A2-g%2C%2C.4aPmggkg_abnLJdt9u0tKBdsltM%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9401.bPojp0JScTbDiQ_A375aKF8X-dB3VXdGuyIKnQlmekrY69gFrHysaKBSLs_BlL6DmLSMlByXmHuA5WB7V4A2-g%2C%2C.4aPmggkg_abnLJdt9u0tKBdsltM%2C
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:28 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9401.bPojp0JScTbDiQ_A375aKF8X-dB3VXdGuyIKnQlmekrY69gFrHysaKBSLs_BlL6DmLSMlByXmHuA5WB7V4A2-g%2C%2C.4aPmggkg_abnLJdt9u0tKBdsltM%2C
date
Sun, 19 Sep 2021 10:44:28 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:28 GMT
last-modified
Thu, 16 Sep 2021 17:17:01 GMT
etag
"614351dd-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 19 Sep 2021 11:44:28 GMT
1
mc.yandex.com/watch/48953915/
Redirect Chain
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A747%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A747%3Afu%3A0%3Aen%3Autf-8%...
383 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A747%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A802044181640%3Ahid%3A168314377%3Az%3A0%3Ai%3A202109190104428%3Aet%3A1632048269%3Ac%3A1%3Arn%3A94775074%3Arqn%3A1%3Au%3A1632048269587269209%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632048267662%3Ads%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C97%2C4%2C%2C%2C%2C706%3Adsn%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C100%2C3%2C%2C%2C%2C707%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632048269%3At%3AAccount%20Suspended%20-%20Ask.fm
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
2548d480fc7d02eb909e4594827dbd2ce11aa98590b963d050795a273629a044
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 19-Sep-2021 10:44:28 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
383
x-xss-protection
1; mode=block
expires
Sun, 19-Sep-2021 10:44:28 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:28 GMT
last-modified
Sun, 19-Sep-2021 10:44:28 GMT
location
/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A747%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A802044181640%3Ahid%3A168314377%3Az%3A0%3Ai%3A202109190104428%3Aet%3A1632048269%3Ac%3A1%3Arn%3A94775074%3Arqn%3A1%3Au%3A1632048269587269209%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632048267662%3Ads%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C97%2C4%2C%2C%2C%2C706%3Adsn%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C100%2C3%2C%2C%2C%2C707%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632048269%3At%3AAccount%20Suspended%20-%20Ask.fm
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 19-Sep-2021 10:44:28 GMT
formats.js
ad.lkqd.net/vpaid/ Frame 7A2A 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:28 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1632048268.cds017.fr8.hn,1632048268.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame C674 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:28 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1632048268.cds017.fr8.hn,1632048268.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame E086
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
43 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method
GET
:authority
a.vidoomy.com
:scheme
https
:path
/api/rtbserver/cookie?i=CEN&uid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-type
image/gif
content-length
43
content-encoding
none
set-cookie
vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJlZDJiMDg4ZS1jNzgzLTRhZmEtOTc5Zi1iODg2ZTRhOTM5YjgtNjE0NzE0OGMtNTU1MyIsImV4cGlyZXMiOjE2MzQ2NDAyNjl9fX0=; Path=/; Domain=vidoomy.com; Expires=Mon, 19 Sep 2022 10:44:29 GMT; Secure; SameSite=None
vary
Origin

Redirect headers

date
Sun, 19 Sep 2021 10:44:29 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1632048269101;Expires=Thu, 18 Nov 2021 10:44:29 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=94c063c7-898c-49fe-a5d3-9b6d9f6b0000;Expires=Thu, 18 Nov 2021 10:44:29 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_3WAY_SYNCS=;Expires=Thu, 18 Nov 2021 10:44:29 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
content-length
0
via
1.1 google
alt-svc
clear
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=954547&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=954547&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=v...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=954547&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632048268
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:28 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
wNMjp7Ra6pu0HFvHxDTwqDqcPIhn8EF_qFKb_6SCkhvtEZkeOg7p4A==

Redirect headers

date
Sun, 19 Sep 2021 10:44:28 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=954547&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632048268
content-length
281
x-amz-cf-id
fegaLTflSnN4XEQTp8t0_QYzTfTH7Hcty_wZQRgge04heY0wtZcG5Q==
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=6336512.3865259941882040986.8194181
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=6336512.3865259941882040986.8194181
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=vidoomy&gdpr=&gdpr_consent=
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=vidoomy&gdpr=&gdpr_consent=
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:28 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=vidoomy&gdpr=&gdpr_consent=
Date
Sun, 19 Sep 2021 10:44:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8651987332
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8651987332
  • https://sync.1rx.io/usersync/tradedesk/e6d21897-77c4-4383-9f0a-fc391dcd53d0
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-0afc7e10-ea87-479b-a08c-cda...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
date
Sun, 19 Sep 2021 10:44:29 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0afc7e10ea87479ba08ccdacc41f2960003
content-type
text/html
auto-user-sync
ads.stickyadstv.com/ 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:29 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1632048268991040-348
Expires
Sun, 19 Sep 2021 10:44:29 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 3E28 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 19 Sep 2021 10:44:28 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632048268.cds017.fr8.hn,1632048268.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 7A2A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=46286485&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.147 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
ea6b30b4297983d5cf1dad71b38528276c1326ed5fbd3fdde6247d3620ab571a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1407
usync.html
ad.lkqd.net/cookie-sync/ Frame 9F92 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 19 Sep 2021 10:44:28 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632048268.cds017.fr8.hn,1632048268.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame C674 		180 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148643&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=88284237&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.147 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
cs
cs.lkqd.net/ Frame 3E28
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=elVaY0x1bGJtSDA
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=elVaY0x1bGJtSDA&google_tc=
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lkqd
event.clientgear.com/cookie/ Frame 3E28
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Ooizg53MgUw
0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Ooizg53MgUw
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-length
0

Redirect headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Ooizg53MgUw
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 3E28
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=qH9kiAVY20g&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0043dd03-fec9-4359-a7a9-7c2cb21d8f48
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0043dd03-fec9-4359-a7a9-7c2cb21d8f48
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:29 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0043dd03-fec9-4359-a7a9-7c2cb21d8f48
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame 3E28
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=mLZH1DsR1Ro
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=mLZH1DsR1Ro
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.212.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=mLZH1DsR1Ro
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 3E28
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3935393462290813528
43 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3935393462290813528
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3935393462290813528
pragma
no-cache
date
Sun, 19 Sep 2021 10:44:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 9F92
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=d05FTjhiclpzV1E
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lkqd
event.clientgear.com/cookie/ Frame 9F92
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Jfa1ZtB_3K0
0
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Jfa1ZtB_3K0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-length
0

Redirect headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Jfa1ZtB_3K0
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 9F92
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=XOXPKuJxLCo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=a19dc026-d682-40f2-b9b2-582f0c5c4e70
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=a19dc026-d682-40f2-b9b2-582f0c5c4e70
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:29 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=a19dc026-d682-40f2-b9b2-582f0c5c4e70
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame 9F92
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=9sv3qdPbOxM
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=9sv3qdPbOxM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.212.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=9sv3qdPbOxM
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 9F92
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3575105492101173848
43 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3575105492101173848
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3575105492101173848
pragma
no-cache
date
Sun, 19 Sep 2021 10:44:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.41 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:29 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame E0B2 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:29 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.41 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:29 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 1DD4 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:29 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame FE27 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632048269.cds017.fr8.hn,1632048269.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame 63F3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
lkqdidts=1632048269; lkqdid=Jihfs8If-1M
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632048269.cds017.fr8.hn,1632048269.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=46286485&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.147 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:29 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame FE27 		115 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=46286485&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.147 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
65c300391db23bc319e01e6b21709e1dd779038f3d7a0e631a6233382cd18a9f

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
7954
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cs
cs.lkqd.net/ Frame 63F3
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=SmloZnM4SWYtMU0
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEOYE-hvigrhK2JcEMDv5LTw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lkqd
event.clientgear.com/cookie/ Frame 63F3
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Jihfs8If-1M
0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Jihfs8If-1M
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-length
0

Redirect headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Jihfs8If-1M
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 63F3
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=Jihfs8If-1M&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=da939857-8493-49f0-9a8e-0e27f15610e8
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=da939857-8493-49f0-9a8e-0e27f15610e8
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:29 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=da939857-8493-49f0-9a8e-0e27f15610e8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame 63F3
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=Jihfs8If-1M
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=Jihfs8If-1M
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.212.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=Jihfs8If-1M
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 63F3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3575105492101173848
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3575105492101173848
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3575105492101173848
pragma
no-cache
date
Sun, 19 Sep 2021 10:44:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 7517 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:29 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.41 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:29 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
b50f096b121d4efd0e9c4cd20d2785d89f185315615b1298a531fd8e313132d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
q3uITna0iyc8ZLXlAUFB1g==
cross-origin-resource-policy
cross-origin
expires
Sun, 19 Sep 2021 10:45:58 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
RAw7MR6qFIWW46kYNgGQeLFTY/OysXrGcgfB257HtkY3hisBV8zre8/IFIamP/RThgWg6kvZygHVw1nCPFo/qg==
x-fb-trip-id
686109401
x-fb-content-md5
0d853d6fd0fdebd5d3ce761af6544d10
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 19 Sep 2021 10:44:29 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"fde185a97d551e1f421b58b23bca9601"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
gtm.js
www.googletagmanager.com/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
f7c238fbec0404987398a6eb2849b26034faa6c3a2c306d9fd2ef34c2c1190c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35731
x-xss-protection
0
last-modified
Sun, 19 Sep 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Sep 2021 10:44:29 GMT
3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
cmp.optad360.io/items/ 		2 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 09:54:29 GMT
via
1.1 9015971351bc982a04ee209a022bb1f9.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 09:49:58 GMT
server
AmazonS3
age
3001
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2
x-amz-cf-id
u8N_1hsiD2i17fdyTogrx19aJx0oCG-wy8MZo0KFrQ6G8oK7cEi89g==
plugin.min.js
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a76103406e7e58113441df8f2771a0f85544abb8f4abbf2ada5639b7326b659

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:27:53 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 14:22:28 GMT
server
AmazonS3
age
997
etag
W/"4074a1126a14c337156303ffa83e7e61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
Ikdi4-GPBdy-yRkf20niFm8liILaRMAjZxLk7Yy7TiSBgqLm6fOiaA==
html.js
viadata.store/slider/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viadata.store/slider/html.js?sid=102415
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
07614a22c2173c087c44827333281c8d19658171ae924842ddbcee95c9810915

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
v2vdw2jU8mhlWoPTJuFnU7SSJLVA5uyWfm703LENFPO_JUhVhBLOdq3mBeHYH4_mQj1feYd30qzD2-zV9Hg
colossalcoat.com/ 		216 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2vdw2jU8mhlWoPTJuFnU7SSJLVA5uyWfm703LENFPO_JUhVhBLOdq3mBeHYH4_mQj1feYd30qzD2-zV9Hg
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
7757eaa75e4309441854a823c8e070139c97a03752292ccfe1eb96b1eab7edac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sun, 19 Sep 2021 10:44:29 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Sun, 19 Sep 2021 10:44:28 GMT
sdk.js
connect.facebook.net/en_US/ 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=273ed6ef6f6e223b8fcca3a8afbb3432
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
7557f0c0a9c220c27fcad04c8dfe8965a2293eb669987b6a38f0ef513e2aeeb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ou0eWm545Yhy/3fjT6DlwA==
cross-origin-resource-policy
cross-origin
expires
Mon, 19 Sep 2022 09:14:11 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66983
x-fb-rlafr
0
x-fb-debug
v+PC1RP8NmB6nn/cwXvWRVkAe5d0/ERJLHyMIVrv+ofsC8cm5ypowK47gBZsZfq6AK+WY51Ib4u6JEHJWkKLFg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
55b5f485630d4ca7596b052410fff32b
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 19 Sep 2021 10:44:29 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"eee606e5c3f5f77998382f6fd1526a87"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6749
date
Sun, 19 Sep 2021 08:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 19 Sep 2021 10:52:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Flycrastraw05&rl=&if=false&ts=1632048269787&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 19 Sep 2021 10:44:29 GMT
v2xfd8vXwHwhrZuFOtPfypdP9u5TMG_z_GjUXq4NqzWThA4bYD_vs4XUTsnqz5cvtK13UFFmgYljzNqNrVQ
colossalcoat.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2xfd8vXwHwhrZuFOtPfypdP9u5TMG_z_GjUXq4NqzWThA4bYD_vs4XUTsnqz5cvtK13UFFmgYljzNqNrVQ
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sun, 19 Sep 2021 10:44:29 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1100882570&t=pageview&_s=1&dl=https%3A%2F%2Fask.fm%2Flycrastraw05&ul=en-us&de=UTF-8&dt=Account%20Suspended%20-%20Ask.fm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=715119656&gjid=2002456376&cid=1900948922.1632048270&tid=UA-12308109-15&_gid=1978203435.1632048270&_r=1&gtm=2wg9f0NDJVZHZ&z=726056711
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
hls.js
uscdn.viadata.store/static/js/ 		235 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uscdn.viadata.store/static/js/hls.js
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.60.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Dec 2020 14:11:16 GMT
server
nginx
etag
W/"5fe9e784-3ab3e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
code.js
viadata.store/tag/ 		30 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viadata.store/tag/code.js
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
cache-control
public
content-type
application/javascript
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
expires
Mon, 20 Sep 2021 10:44:29 GMT
site
logs.viadata.store/req/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/req/site?sid=102415&cid=0&uid=8b1f2123-6d83-4d8f-ad47-06de7104bd67&event=playerLoaded&cb=1632048269845
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame FE27 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.173.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-173-52.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://sync.1rx.io/usersync2/lkqd
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003&rndcb=1554849082
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6&google_hm=MzA5YjdmZTYtNzI4Mi00Nzk0LTgxYmUtMGJkODVkZDA0...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDlSM0N0GTxyGTkpYdCw8wg&google_cver=1&ssp=adconductor&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6
  • https://sync.1rx.io/usersync/bidswitch/309b7fe6-7282-4794-81be-0bd85dd04cb6?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-0afc7e10-ea87-479b-a08c-cdacc41f29...
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
date
Sun, 19 Sep 2021 10:44:29 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0afc7e10ea87479ba08ccdacc41f2960003
content-type
text/html
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=lkqd
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dlkqd%26bsw_param%3D309b7fe6-7282-4794-81be-0bd85dd04cb6
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dlkqd%26bsw_param%3D309b7fe6-7282-4794-81be-0bd8...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=cGhfxgCM1MrUjb5&expires=30&ssp=lkqd&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=309b7fe6-7282-4794-81be-0bd85dd04cb6&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D309b7fe6-7282-4794-81be-0bd85dd04cb6%26redi...
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=309b7fe6-7282-4794-81be-0bd85dd04cb6&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D309b7fe6-7282-4794-81be-0bd85dd04cb6
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=309b7fe6-7282-4794-81be-0bd85dd04cb6
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=309b7fe6-7282-4794-81be-0bd85dd04cb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
location
//cs.lkqd.net/cs?partnerId=46&partnerUserId=309b7fe6-7282-4794-81be-0bd85dd04cb6
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=e6d21897-77c4-4383-9f0a-fc391dcd53d0
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=e6d21897-77c4-4383-9f0a-fc391dcd53d0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=e6d21897-77c4-4383-9f0a-fc391dcd53d0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
203
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&gdpr=1&gdpr_consent=
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
server
Apache-Coyote/1.1
location
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030001_6147148de301c&knw=0
  • https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_6147148de301c
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_6147148de301c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Sun, 19 Sep 2021 10:44:29 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_6147148de301c
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2929066073851811149
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2929066073851811149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2929066073851811149
date
Sun, 19 Sep 2021 10:44:30 GMT
server
Apache/2.4.23 (Unix)
content-length
257
content-type
text/html; charset=iso-8859-1
/
loadm.exelator.com/load/ Frame FE27
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/9e53bc2a-b413-4b69-9bb8-aaae9d4067c9/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=9e53bc2a-b413-4b69-9bb8-aaae9d4067c9&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YUcUjQACtM9MRQAR
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YUcUjQACtM9MRQAR&_test=YUcUjQACtM9MRQAR
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YUcUjQACtM9MRQAR&_test=YUcUjQACtM9MRQAR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632048270.019874,VS0,VE0
x-served-by
cache-fra19169-FRA
x-cache
HIT
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YUcUjQACtM9MRQAR&_test=YUcUjQACtM9MRQAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=2gEDIch4uyZM&ev=1&pid=561322
43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=2gEDIch4uyZM&ev=1&pid=561322
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=2gEDIch4uyZM&ev=1&pid=561322
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-744485c85b-lskss
expires
-1
464986.gif
idsync.rlcdn.com/ Frame FE27 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=Ooizg53MgUw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
via
1.1 google
alt-svc
clear
content-length
0
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame FE27 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
lkq
match.prod.bidr.io/cookie-sync/ Frame FE27 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.151.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-151-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b30&u=Ooizg53MgUw&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b30&u=Ooizg53MgUw&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662189313244133
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662189313244133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
294
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6912381b0f5b4126-PRG
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662189313244133
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
p.rfihub.com/ Frame FE27 		42 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:30 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ff0adb9d-f533-4871-baac-494f3e9d14cc
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ff0adb9d-f533-4871-baac-494f3e9d14cc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ff0adb9d-f533-4871-baac-494f3e9d14cc
date
Sun, 19 Sep 2021 10:44:30 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
clear
content-length
0
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=rdyLQCDWQitXDViO_ljYldiDct8
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=rdyLQCDWQitXDViO_ljYldiDct8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=rdyLQCDWQitXDViO_ljYldiDct8
Date
Sun, 19 Sep 2021 10:44:30 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame FE27
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
  • https://tags.bluekai.com/site/17724?id=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3Ded2b088e-c783-4afa-979f-b886e4a...
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3Ded2b088e-c783-4afa-979f-b886e4...
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3Ded2b088e-c783-4afa-979f-b...
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
cache-control
no-cache
x-server
10.45.20.91
content-length
0
expires
0
collect
stats.g.doubleclick.net/j/ 		1 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-12308109-15&cid=1900948922.1632048270&jid=715119656&gjid=2002456376&_gid=1978203435.1632048270&_u=YEBAAEAAAAAAAC~&z=1419675154
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.13.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 19 Sep 2021 10:44:29 GMT
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1476296260&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.height=225&pi.viewable=...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA9196595a-1936-11ec-aa37-0257f42588d2?gdpr=0&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-mEwG1EBE2p46qH5ce6sozz_zexG4Pe7lEgVl~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-mEwG1EBE2p46qH5ce6sozz_zexG4Pe7lEgVl~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-mEwG1EBE2p46qH5ce6sozz_zexG4Pe7lEgVl~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:30 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.138
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Sun, 19 Sep 2021 10:44:30 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-mEwG1EBE2p46qH5ce6sozz_zexG4Pe7lEgVl~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13385887&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2950709615532748520917190917%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:30 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632048270059013-428
Expires
Sun, 19 Sep 2021 10:44:30 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1765061027&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.height=225&pi.viewable=...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA90d3e422-1936-11ec-9b4e-06f94beed07d?gdpr=0&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-L2MJ7WBE2p7tO8gjFAodRjbtdevMuj4aGggJ~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-L2MJ7WBE2p7tO8gjFAodRjbtdevMuj4aGggJ~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-L2MJ7WBE2p7tO8gjFAodRjbtdevMuj4aGggJ~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:30 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.138
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Sun, 19 Sep 2021 10:44:30 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-L2MJ7WBE2p7tO8gjFAodRjbtdevMuj4aGggJ~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,,
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjBlNWEwNDMtNjI4OS02MjhmLTQ3ODMtMWUwOGJhZjNmOWUx
0
0
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1687434424&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA91723f68-1936-11ec-900f-06975d144474?gdpr=0&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-aRSVnWBE2p7r8Cpu.SYSYpDVJgXEZE1ys.Wx~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-aRSVnWBE2p7r8Cpu.SYSYpDVJgXEZE1ys.Wx~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-aRSVnWBE2p7r8Cpu.SYSYpDVJgXEZE1ys.Wx~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:30 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.138
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Sun, 19 Sep 2021 10:44:30 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-aRSVnWBE2p7r8Cpu.SYSYpDVJgXEZE1ys.Wx~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
245554
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245554?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=2042691378&player_width=400&player_height=225&regs[gdpr]=0&device[geo][lat]=32.7889&device[geo][lon]=-96.8021&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5285694785532748520917190917%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:29 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000431
X-SpotX-Timing-SpotMarket
0.010251
X-SpotX-Timing-Page-Mux
0.000361
X-SpotX-Timing-Page-Require
0.000346
X-fe
071
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
Content-Length
77
X-SpotX-Timing-Page
0.014406
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000341
Last-Modified
Sun, 19 Sep 2021 10:44:29 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.010251
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.002662
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1127821463&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=32.7889&device[geo][lon]=-96.8021&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C55327485209171909171851921209%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:29 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000261
X-SpotX-Timing-SpotMarket
0.025882
X-SpotX-Timing-Page-Mux
0.000853
X-SpotX-Timing-Page-Require
0.000439
X-fe
128
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
Content-Length
77
X-SpotX-Timing-Page
0.030633
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000357
Last-Modified
Sun, 19 Sep 2021 10:44:29 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.011695
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.002804
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.014187
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17535418435532748520917190917,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:30 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632048269768056-345
Expires
Sun, 19 Sep 2021 10:44:30 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C14852066015532748520917190917,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d3fe83882585568089145c998223d257dfdd7331de775b8be4c62b3d82534cf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:29 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632048269690095-422
Expires
Sun, 19 Sep 2021 10:44:29 GMT
/
x.vindicosuite.com/ 		65 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.vindicosuite.com/?l=560976&t=x&rnd=1345411789&u=https%3A%2F%2Fask.fm%2Flycrastraw05&r=https%3A%2F%2Fask.fm%2Flycrastraw05&ip=216.131.114.223&mediaduration=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.236.186.35.bc.googleusercontent.com
Software
21f463ae9a0f5210f5c10cdf23cfc00956bcfef89beeef9d70edb26be58853e4 /
Resource Hash
5f91da25c24e6fb0fc2f6b18964b6bb696253b1d13fa9fa32ca8d27f60ec9fee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
via
1.1 google
server
21f463ae9a0f5210f5c10cdf23cfc00956bcfef89beeef9d70edb26be58853e4
p3p
CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
access-control-allow-origin
https://ask.fm
cache-control
no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-credentials
true
content-type
text/xml;charset=ISO-8859-1
alt-svc
clear
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
adx.adform.net/adx/ 		65 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=971292&t=2&url=https%3A%2F%2Fask.fm%2Flycrastraw05
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:29 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7480737&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917492535812,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:30 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632048269771056-380
Expires
Sun, 19 Sep 2021 10:44:30 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		991 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C10985373935532748520917190917%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
34efffcbe05d688a8e21796b8afe6b04e9cb0c81a3d1b5002da279a6a6a2fcab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
610
expires
Sun, 19 Sep 2021 10:44:29 GMT
13502463
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/13502463?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C553274852091719091722532493,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3a4ba9565a92e6e053a15a32aedb585961e4593446dd41be4fd59a673939ef64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:29 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1156
x-sticky-vk
1632048269708087-340
Expires
Sun, 19 Sep 2021 10:44:29 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=991917654&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi....
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA91756621-1936-11ec-b66c-068ca93f1b73?gdpr=0&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-EnLpL7xE2p4kkxr8BU9FhbChWGMt1p1gru00~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-EnLpL7xE2p4kkxr8BU9FhbChWGMt1p1gru00~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-EnLpL7xE2p4kkxr8BU9FhbChWGMt1p1gru00~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:30 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.138
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Sun, 19 Sep 2021 10:44:30 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-EnLpL7xE2p4kkxr8BU9FhbChWGMt1p1gru00~A&_origin=0&nsync=1&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
210830.js
cdn.viadata.store/js/player/ Frame DD3E 		180 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/js/player/210830.js
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a8d9b7d4230d33c693d11ebca3f0a5caaa527ba7718cf6fc761dd14b595bb84c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
content-encoding
gzip
last-modified
Fri, 03 Sep 2021 13:15:02 GMT
server
nginx
etag
W/"61321fd6-2cf94"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
NA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
prebid4.39.0.js
get.optad360.io/sf/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid4.39.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:09:47 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 10:44:35 GMT
server
AmazonS3
age
992082
etag
W/"e020700f5effdce1f4be56434553da72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 da392114e7046bd9720a70f40c796f63.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
mKIEDsj1d-2ESMGzDP0Stxx8UX6i_l3rxQBljV4fhZn7DnpIvQWQpA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210919
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3055111147af6cdf92bfb1e7e11909eb7c44ba5b575587c23c8344f2124448fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
26182
x-jsd-version
1.0.1104
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
926
etag
W/"69c-ZBBBUBCoVgQBr+skVMt3daM9GwA"
x-served-by
cache-fra19151-FRA
x-jsd-version-type
version
date
Sun, 19 Sep 2021 10:44:30 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Sep 2021 12:35:55 GMT
server
cloudflare
age
857297
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6912381ad994410e-PRG
x-amz-request-id
TD3DS9YZ8440AKDY
x-amz-id-2
M2Q7mY6rdpzXw/sL0fa+n0BFIJ9kCQCZ5Pu3Nfv1fXbLplIOJnLEBWCmKKKxSvug0l8dkcZHDP0=
expires
Sun, 19 Sep 2021 11:14:30 GMT
json
gum.criteo.com/sid/ 		313 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
0dac716fa532a7dcd593342b9449bf7495cfa15d0674ecf68c92bd110c3cc836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 19 Sep 2021 10:44:30 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3629
expires
0
apacdex
useast.quantumdex.io/auction/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
cf-ray
691238197a3027b8-PRG
cygnus
htlb.casalemedia.com/ 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223ce3dbd3a23e5a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Flycrastraw05%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240189736c5c52f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2240189736c5c52f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2240189736c5c52f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae1eda05df5d50f31b071d449eeaf12b87b4efce966fa379428e71db3d4a6307

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.223], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ask.fm
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Sun, 19 Sep 2021 10:44:30 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:30 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
237e19b7-0523-49bc-bd50-396140f5ea3f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
adx.adform.net/adx/ 		5 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTNjYmEyMWUwLWFmOTYtNDhiZC05NjdjLTQyZDYyYTk4NGIwMCZyY3VyPVBMTg%3D%3D&pt=gross&stid=e42c7a7e-8335-41ce-835f-c91985cfedb7&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ask.fm
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sun, 19 Sep 2021 10:44:29 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
v2
i.connectad.io/api/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:30 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
41a1dc59-5722-4e0b-87a5-8b8ce5751678
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:29 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
av
vidoomy-d.openx.net/v/1.0/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,,
48 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 19 Sep 2021 10:44:30 GMT
via
1.1 google
server
OXGW/16.216.0
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1433
date
Sun, 19 Sep 2021 10:44:30 GMT
content-encoding
gzip
vary
Accept-Encoding
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
857286
x-amz-request-id
4EJZWQSPYJN0KPZG
x-amz-id-2
YC9klwmqqfwQDVFSMHtow4Ja5sHZlojW2QWsGiGTWvJc04JtRiK3mdot7Og40EhxdWPEzb01nLQ=
last-modified
Thu, 09 Sep 2021 12:35:54 GMT
server
cloudflare
etag
W/"80a6d470c029b1acfca7d8abeb00b240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
6912381b7bc64114-PRG
expires
Sun, 19 Sep 2021 11:14:30 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.41 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:30 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 7517 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 5033 		330 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 02:54:23 GMT
ETag
"1625108063"
X-HW
1632048270.dop235.fr8.t,1632048270.cds248.fr8.shn,1632048270.cds248.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113854
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
viads-player-logo-50.png
cdn.viadata.store/static/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viadata.store/static/viads-player-logo-50.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
last-modified
Wed, 26 Feb 2020 10:23:58 GMT
server
nginx
etag
"5e56473e-26d1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
NA
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
9937
/
pl.viadata.store/export/102415/ Frame DD3E 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pl.viadata.store/export/102415/?secured=1&language=en&page_url=https%3A%2F%2Fask.fm%2Flycrastraw05&pub_sid=102415&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=1&pce=1&npx=1&VIA_DNT=0&page_domain=ask.fm&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=270709&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=1&cb=1632048270741
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
38c6e9a2b2c0d8fdaeb1ea2028c023811e299daaa0377140aae61fece2707cc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
content-encoding
br
server
nginx/1.19.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
access-control-allow-headers
sentry-trace
t
t.lkqd.net/ Frame 7517 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.41 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:30 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 5033 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1632048270823
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:30 GMT
Last-Modified
Thu, 01 Jul 2021 02:54:23 GMT
ETag
"1625108063"
X-HW
1632048270.dop235.fr8.t,1632048270.cds230.fr8.shn,1632048270.cds230.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
stv
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4c50b0259ffd9f3d63c8814f698bab&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0772_7009593949438367262
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGM1MGIwMjU5ZmZkOWYzZDYzYzg4MTRmNjk4YmFi&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESECelEJRtQrBrXXwV5-1rZdE&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e6d21897-77c4-4383-9f0a-fc391dcd53d0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/4c50b0259ffd9f3d63c8814f698bab&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-KOr2.a5E2oMV1csvKhPsI9quO5ibLLtE5OVYUnZy~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7552174661885202278
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=a4566147-148f-4800-8abb-b8d07b7d6973&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1915452342602404608
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.151.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-151-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:31 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632048271329022-353
Expires
Sun, 19 Sep 2021 10:44:31 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 5033 		301 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fask.fm%2Flycrastraw05
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:30 GMT
Server
nginx
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1632048270778032-374
Expires
Sun, 19 Sep 2021 10:44:30 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 5033 		67 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C54345%2C1%2C14852066015532748520917190917%2C%2C&vav=52bacda6b5a81c80e8ac267397f268be&vaviv=9f79ba9c0c5d0887f2c6fd753f920948&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fask.fm%2Flycrastraw05&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:30 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632048270839010-353
Expires
Sun, 19 Sep 2021 10:44:30 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGM1MGIwMjU5ZmZkOWYzZDYzYzg4MTRmNjk4YmFi&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGM1MGIwMjU5ZmZkOWYzZDYzYzg4MTRmNjk4YmFi&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:30 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGM1MGIwMjU5ZmZkOWYzZDYzYzg4MTRmNjk4YmFi&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632048270718060-361
Expires
Sun, 19 Sep 2021 10:44:30 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=4c50b0259ffd9f3d63c8814f698bab&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=4c50b0259ffd9f3d63c8814f698bab&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R64TW2GE7W3HGFTFJ16T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:30 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=4c50b0259ffd9f3d63c8814f698bab&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632048270643093-333
Expires
Sun, 19 Sep 2021 10:44:30 GMT
truncated
/ Frame FE27 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_44854a27.js
vpaid.springserve.com/production/ Frame 723C 		487 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_44854a27.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-75.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:01:09 GMT
content-encoding
br
last-modified
Wed, 25 Aug 2021 15:00:31 GMT
server
AmazonS3
age
2144602
etag
W/"d48d9d8b9aa42be3c59a03030903498a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
q8jTyabO9-LuCLuy823Hl-aGXAzI_b0ivkN6rXVIkl-AH8XwAX8HJg==
openrtb
ads.adaptv.advertising.com/rtb/ Frame 723C 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.70.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-70-35.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 723C 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:31 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
543f2aa0-7a7c-424f-8646-e5edf13d599e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 723C 		19 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:31 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5729b9c5-d86d-41fd-ba59-9704e5f6bf1d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
clientside-video-bidder.rutarget.ru/ Frame DD3E 		27 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Fask.fm%2Flycrastraw05&request_id=1024152048271001&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.149 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr4.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin
https://ask.fm
Rutarget-SameSite-Cookie
true
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
cs
rtb-msk-2.viadata.store/vast/ Frame DD3E 		71 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-msk-2.viadata.store/vast/cs?zone=102415&w=432&h=243&site=https%3A%2F%2Fask.fm%2Flycrastraw05&vp=2&cbb=2048271003
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
rle.cgi
ad.adriver.ru/cgi-bin/ Frame DD3E 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222536&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=2048271004&tail256=https%3A%2F%2Fask.fm%2F
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
8c182804cf2d13297fd231bf09ddee0636c30f7c03379ded73ac5c0500e21082

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:31 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://ask.fm
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/vast/ Frame DD3E 		71 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=ask.fm&cbb=2048271004
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
vast
moevideo.biz/ Frame DD3E 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/vast?ref=viads-ask.fm&impressionAfterPaid=1&es=1&vl=1&mvis=1&referrer=https%3A%2F%2Fask.fm%2Flycrastraw05&cbb=2048271004
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.5 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f22.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
45bfe0ae2ef5a2dae11426e2b4f4ef0a4829c0b6dc40cf0d46c00d759a83ed16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
Content-Encoding
gzip
X-Mv-Embed-Version
1373
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.106
Pragma
no-cache
Last-Modified
Sun, 19 Sep 2021 10:44:31 GMT
Server
nginx
X-My-Name
s49
Access-Control-Allow-Methods
GET, POST
Content-Type
application/xml
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
X-Mv-TryCache
0
X-My-App-Time
0.007
Access-Control-Allow-Headers
Content-Type, Accept
Expires
Thu, 19 Feb 1998 13:24:18 GMT
viads-vast
adx.com.ru/ Frame DD3E
Redirect Chain
  • https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fask.fm%2Flycrastraw05&uid=8b1f2123-6d83-4d8f-ad47-06de7104bd67&cbb=2048271005
  • https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Flycrastraw05&rolltype=content-roll&uid=8b1f2123-6d83-4d8f-ad47-06de7104bd67&vpaid=false
0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Flycrastraw05&rolltype=content-roll&uid=8b1f2123-6d83-4d8f-ad47-06de7104bd67&vpaid=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.34.131.130 Tann, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.130.131.34.188.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:31 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
server
nginx/1.18.0
p3p
CP="adx.com.ru does not have a P3P policy"

Redirect headers

date
Sun, 19 Sep 2021 10:44:31 GMT
server
nginx/1.18.0
access-control-allow-origin
https://ask.fm
p3p
CP="adx.com.ru does not have a P3P policy"
location
/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Flycrastraw05&rolltype=content-roll&uid=8b1f2123-6d83-4d8f-ad47-06de7104bd67&vpaid=false
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
content-length
239
ad_request
ads.aralego.com/ Frame DD3E 		0
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=ask.fm&ver=UCX_WEB-20200113&adid=ad-8A29B9A43D442E8EFEE379B36E7ED89&atype=2&u=https%3A%2F%2Fask.fm%2Flycrastraw05&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=2048271005
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
X-Width
432
X-Height
243
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://ask.fm
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-Adtype
vast
Connection
close
i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame DD3E
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=8b1f2123-6d83-4d8f-ad47-06de7104bd67&i=1632048270
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=8b1f2123-6d83-4d8f-ad47-06de7104bd67&i=1632048270
49 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=8b1f2123-6d83-4d8f-ad47-06de7104bd67&i=1632048270
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.131 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
16
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=8b1f2123-6d83-4d8f-ad47-06de7104bd67&i=1632048270
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
partner
sync.search.spotxchange.com/ Frame DD3E 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=273596&uid=8b1f2123-6d83-4d8f-ad47-06de7104bd67
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
121
Connection
keep-alive
Content-Length
43
dsp
logs.viadata.store/event/ Frame DD3E 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1632048271005&tids=2107,2110,2106,2552,4760,2111,2555,2109,7323,7378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 10:44:31 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
t
t.lkqd.net/ Frame 7517 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:31 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.41 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:31 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 723C 		67 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fask.fm%2Flycrastraw05&_fw_gdpr=1&_fw_gdpr_consent=&cb=1632048269690&width=400&height=225&dnt=&ip=216.131.114.223&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&schain=1.0,1!vidoomy.com,54345,1,1632048269690,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:31 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632048270996038-403
Expires
Sun, 19 Sep 2021 10:44:31 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 723C 		963 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&schain=1.0,1!vidoomy.com,54345,1,1632048269690,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
34e2c8fd56ea49d3031f8687e6ee0d70c9cadf846b238d1a3f0450b4020c4570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
592
expires
Sun, 19 Sep 2021 10:44:31 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D422 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&schain=1.0,1!vidoomy.com,54345,1,1632048269690,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame AF4E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&schain=1.0,1!vidoomy.com,54345,1,1632048269690,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=101831
expires
Mon, 20 Sep 2021 15:01:42 GMT
date
Sun, 19 Sep 2021 10:44:31 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D422 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&schain=1.0,1!vidoomy.com,54345,1,1632048269690,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=101831
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Mon, 20 Sep 2021 15:01:42 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=168314377&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&rn=940407005&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1632048271%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A202109190104431%3Au%3A1632048269587269209%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632048271
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
last-modified
Sun, 19-Sep-2021 10:44:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 19-Sep-2021 10:44:31 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AF4E 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80436012&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
36b6160d09e18dab6ce18a9c836e60aa3725d2896f7280d111ae2b59bf028947

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 78FC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F6956387-2234-4DCC-A664-B7F021559DFF
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F6956387-2234-4DCC-A664-B7F021559DFF
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F6956387-2234-4DCC-A664-B7F021559DFF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=F6956387-2234-4DCC-A664-B7F021559DFF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:31 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=4532995315960102944; expires=Thu, 18 Nov 2021 10:44:31 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 19 Sep 2021 10:44:31 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F6956387-2234-4DCC-A664-B7F021559DFF
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Tue, 19 Oct 2021 10:44:31 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2540
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2010685131617161665
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2010685131617161665
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2010685131617161665
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F6956387-2234-4DCC-A664-B7F021559DFF; chkChromeAb67Sec=1; DPSync3=1633219200%3A201_197_219%7C1632096000%3A174; SyncRTB3=1633219200%3A7_3_13_161_56_220_21_54%7C1633305600%3A35%7C1632614400%3A223; KRTBCOOKIE_57=22776-7552174661885202278; PugT=1632048270; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEB-ARIe0ebetWzlRQn5HYCE&KRTB&16514-CAESEB-ARIe0ebetWzlRQn5HYCE&KRTB&23025-CAESEB-ARIe0ebetWzlRQn5HYCE; KRTBCOOKIE_27=16735-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&16736-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&23019-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&23114-uid:c4ee6147-148f-4400-bd1b-c0137ae18172; KRTBCOOKIE_377=6810-e6d21897-77c4-4383-9f0a-fc391dcd53d0&KRTB&22918-e6d21897-77c4-4383-9f0a-fc391dcd53d0&KRTB&23031-e6d21897-77c4-4383-9f0a-fc391dcd53d0; SPugT=1632048270; KRTBCOOKIE_391=22924-6236202188917376246&KRTB&23263-6236202188917376246
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-2010685131617161665; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 19-Oct-2021 10:44:30 GMT; path=/ PugT=1632048270; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 19-Oct-2021 10:44:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 18-Dec-2021 10:44:30 GMT; path=/
x-lat
amspug020:0:473
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2010685131617161665
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 7A06 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sun, 19 Sep 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
488848
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9pVjhyI0TcymZLfwIVWd_w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=57785
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Mon, 20 Sep 2021 02:47:36 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame AF4E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=656e6147-148f-4c00-95ba-047d7d98c16c
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=656e6147-148f-4c00-95ba-047d7d98c16c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x9 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=656e6147-148f-4c00-95ba-047d7d98c16c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 19 Sep 2021 10:44:30 GMT
33141
tags.bluekai.com/site/ Frame AF4E
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F6956387-2234-4DCC-A664-B7F021559DFF
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=06e18569725ef99b
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=06e18569725ef99b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-192-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=06e18569725ef99b
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame AF4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjY5NTYzODctMjIzNC00RENDLUE2NjQtQjdGMDIxNTU5REZG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:583
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AF4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB-ARIe0ebetWzlRQn5HYCE&google_cver=1
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB-ARIe0ebetWzlRQn5HYCE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:377
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB-ARIe0ebetWzlRQn5HYCE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame AF4E 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 18 Sep 2021 10:44:31 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AF4E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6236202188917376246
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6236202188917376246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:720
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6236202188917376246
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame AF4E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c4ee6147-148f-4400-bd1b-c0137ae18172&gdpr=0&gdpr_consent=
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c4ee6147-148f-4400-bd1b-c0137ae18172&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:389
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x9 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c4ee6147-148f-4400-bd1b-c0137ae18172&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 19 Sep 2021 10:44:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AF4E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e6d21897-77c4-4383-9f0a-fc391dcd53d0
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e6d21897-77c4-4383-9f0a-fc391dcd53d0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:402
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e6d21897-77c4-4383-9f0a-fc391dcd53d0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame AF4E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7552174661885202278&gdpr=0&gdpr_consent=
42 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7552174661885202278&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:498
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:31 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b5ec2fc2-acd1-49bf-926b-c9ac10e166e7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7552174661885202278&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame AF4E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F6956387-2234-4DCC-A664-B7F021559DFF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qdp5BV1E2uUk4czFqvgCWX3JKbOzdyM-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qdp5BV1E2uUk4czFqvgCWX3JKbOzdyM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 19 Sep 2021 10:44:31 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Qdp5BV1E2uUk4czFqvgCWX3JKbOzdyM-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
48953915
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=168314377&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&rn=583832069&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632048271%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A202109190104431%3Au%3A1632048269587269209%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632048271
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
last-modified
Sun, 19-Sep-2021 10:44:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 19-Sep-2021 10:44:31 GMT
vpaid.min.js
moevideo.biz/embed/player/1709/vpaid/ Frame F0D3 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1709/vpaid/vpaid.min.js
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.5 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f22.moevideo.net
Software
nginx /
Resource Hash
e58f2cc23685f345a023f18273ab4b4cad1ae57969fef8904ddc6d5bb3f67af3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:32 GMT
Last-Modified
Fri, 17 Sep 2021 10:19:33 GMT
Server
nginx
X-My-Name
s12
ETag
"61446bb5-1c64"
Content-Type
application/javascript
Content-Length
7268
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.528
context.js
an.yandex.ru/system/ 		295 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: ask.fm
URL: https://ask.fm/lycrastraw05
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
dc8edbd118233660ecde9552227385bb65c8a46293043d2a951b29d2b2b0ae71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
2004548822
x-yandex-req-id
1632048271600202-853347189570421550400414-production-app-host-vla-pcode-19
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 19 Sep 2021 11:44:31 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame D422 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&schain=1.0,1!vidoomy.com,54345,1,1632048269690,,&us_privacy=&cb=1632048271153&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Flycrastraw05&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Flycrastraw05&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-19%2010:44:31&ranreq=0.5160033497655094&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&schain=1.0,1!vidoomy.com,54345,1,1632048269690,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
531372a5c211a836fb4c.js
yastatic.net/partner-code-bundles/43709/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43709/531372a5c211a836fb4c.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
cfa9b4c79e56aaf8e9f53eccd1dcf0e5197bac869d4a38b40dedb42bd6cc22db
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17407
last-modified
Wed, 15 Sep 2021 15:16:19 GMT
server
nginx/1.17.9
etag
"1fdc1e213d42152cde3933ba4216dfcc"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2051 17:19:55 GMT
host.js
yastatic.net/safeframe-bundles/0.82/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.82/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8879
last-modified
Mon, 28 Jun 2021 10:29:24 GMT
server
nginx/1.17.9
etag
"e4627697ff619d2b610d2b2fee975531"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2051 17:19:55 GMT
31392720aa72088069c1.js
yastatic.net/partner-code-bundles/43709/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43709/31392720aa72088069c1.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
5771e6a4a5394fe2fbf69ae11885eb8a44a92f5a17b3057f5ac293fd7935664c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4459
last-modified
Wed, 15 Sep 2021 15:16:19 GMT
server
nginx/1.17.9
etag
"f35a7640c370df4985851ce84f74c9bf"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2051 17:19:55 GMT
93294dd1fc3b158d9a16.js
yastatic.net/partner-code-bundles/43709/ 		1 MB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43709/93294dd1fc3b158d9a16.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
f14820501394b3cde0acd1e3da24c4fcb18cce0711d6aa3d6941d1165f29c9d8
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
206968
last-modified
Wed, 15 Sep 2021 15:16:19 GMT
server
nginx/1.17.9
etag
"3ec2dfd874f0a17cf7080d349aec4d1e"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2051 17:19:55 GMT
ec416f7994eefc64a307.js
yastatic.net/partner-code-bundles/43709/ 		337 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43709/ec416f7994eefc64a307.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
e79cb8354354203b78995e651affce182a5436d02ae9eb7a1ab159caf7bb6bc0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
62567
last-modified
Wed, 15 Sep 2021 15:16:19 GMT
server
nginx/1.17.9
etag
"708f48154de333f0179c0207cf4870db"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2051 17:19:55 GMT
1
mc.yandex.com/watch/48953915/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A1%3Als%3A802044181640%3Ahid%3A168314377%3Az%3A0%3Ai%3A202109190104431%3Aet%3A1632048272%3Ac%3A1%3Arn%3A912228862%3Arqn%3A2%3Au%3A1632048269587269209%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1632048267662%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2038%2C2038%2C9%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2038%2C2038%2C9%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632048272
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
last-modified
Sun, 19-Sep-2021 10:44:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 19-Sep-2021 10:44:31 GMT
652294
an.yandex.ru/meta/ 		219 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/652294?target-ref=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&pcode-test-ids=415820%2C0%2C68%3B416238%2C0%2C45%3B419406%2C0%2C4%3B415472%2C0%2C84%3B416749%2C0%2C69%3B416351%2C0%2C87%3B420898%2C0%2C98%3B420017%2C0%2C66&pcode-flags-map=%7B%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22ADAPTIVE_AVITO_HYPHENS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22415820%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_TITLE_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_URL_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_HEADER_COLOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_HOVER_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_SITE_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_TEXT_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_SITE_BG_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22IGNORE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22419406%22%7D%5D%2C%22TURN_OFF_LONG_SESSIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22415472%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22416351%22%7D%5D%2C%22MARGINS_FOR_LAZY_INIT_EXP%22%3A%5B%7B%22value%22%3A3%2C%22testId%22%3A%22420898%22%7D%5D%2C%22MARGINS_FOR_LAZY_INIT%22%3A%5B%7B%22value%22%3A%7B%22mobile%22%3A%22100%25%200px%22%2C%22desktop%22%3A%2250%25%200px%22%7D%2C%22testId%22%3A%22420898%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2243709%22%2C%22testId%22%3A%22420017%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=9477715891632048271&duid=MTYzMjA0ODI2OTU4NzI2OTIwOQ%3D%3D&imp-id=1&enable-flat-highlight=1&test-tag=385396005404674&ad-session-id=3005321632048271741&target-id=76614790&tga-with-creatives=1&pcode-version=43709&pcodever=43709&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A0%2C%22left%22%3A584%2C%22top%22%3A1217%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&uniformat=true&callback=Ya%5B1515222575597%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
4407d50fe9dd3fa2e45359583e5f432d822b9758c75ff1d75f42f72325b89e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
content-encoding
gzip
last-modified
Sun, 19 Sep 2021 10:44:31 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1632048271790337-1818719333885189195200583-production-app-host-vla-pcode-126
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 19 Sep 2021 10:44:31 GMT
i
vid-io-cle.springserve.com/vd/ Frame 723C 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=0e665a40&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.15.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-15-210.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:32 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 723C 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632048271&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:31 GMT
content-length
0
content-type
text/html
652294
mc.yandex.com/watch/ 		295 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A2%3Adp%3A1%3Als%3A591589251095%3Ahid%3A168314377%3Az%3A0%3Ai%3A202109190104431%3Aet%3A1632048272%3Ac%3A1%3Arn%3A147257556%3Au%3A1632048269587269209%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1632048267662%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632048272%3At%3AAccount%20Suspended%20-%20Ask.fm
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
1b5ca07e3e40d9393a33ba07118ae2f0ce8af6614a16fec48661ee00ea9da486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 19-Sep-2021 10:44:31 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
295
x-xss-protection
1; mode=block
expires
Sun, 19-Sep-2021 10:44:31 GMT
652294
an.yandex.ru/meta/ 		219 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/652294?target-ref=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&pcode-test-ids=415820%2C0%2C68%3B416238%2C0%2C45%3B419406%2C0%2C4%3B415472%2C0%2C84%3B416749%2C0%2C69%3B416351%2C0%2C87%3B420898%2C0%2C98%3B420017%2C0%2C66&pcode-flags-map=%7B%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22ADAPTIVE_AVITO_HYPHENS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22415820%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_TITLE_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_URL_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_HEADER_COLOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_HOVER_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_SITE_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_TEXT_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_SITE_BG_COLOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22416238%22%7D%5D%2C%22IGNORE_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22419406%22%7D%5D%2C%22TURN_OFF_LONG_SESSIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22415472%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22416351%22%7D%5D%2C%22MARGINS_FOR_LAZY_INIT_EXP%22%3A%5B%7B%22value%22%3A3%2C%22testId%22%3A%22420898%22%7D%5D%2C%22MARGINS_FOR_LAZY_INIT%22%3A%5B%7B%22value%22%3A%7B%22mobile%22%3A%22100%25%200px%22%2C%22desktop%22%3A%2250%25%200px%22%7D%2C%22testId%22%3A%22420898%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2243709%22%2C%22testId%22%3A%22420017%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=9477715891632048271&duid=MTYzMjA0ODI2OTU4NzI2OTIwOQ%3D%3D&imp-id=2&enable-flat-highlight=1&test-tag=385396005404674&ad-session-id=3005321632048271741&target-id=71710278&tga-with-creatives=1&pcode-version=43709&pcodever=43709&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A0%2C%22left%22%3A584%2C%22top%22%3A1217%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&uniformat=true&callback=Ya%5B1819274049652%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
083f85cc994986db209b861917187fe1a7cfa2f00b92dab083e65c96fcf1def1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
content-encoding
gzip
last-modified
Sun, 19 Sep 2021 10:44:32 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1632048272011199-1303205176632403627900383-production-app-host-vla-pcode-24
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 19 Sep 2021 10:44:32 GMT
1
mc.yandex.com/watch/652294/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294/1?page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A747%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A2%3Adp%3A1%3Als%3A591589251095%3Ahid%3A168314377%3Az%3A0%3Ai%3A202109190104432%3Aet%3A1632048272%3Ac%3A1%3Arn%3A349910138%3Arqn%3A1%3Au%3A1632048269587269209%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1632048267662%3Ads%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C97%2C4%2C2038%2C2038%2C9%2C706%3Adsn%3A0%2C330%2C275%2C1%2C0%2C0%2C%2C100%2C3%2C2038%2C2038%2C9%2C707%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632048272
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
last-modified
Sun, 19-Sep-2021 10:44:32 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 19-Sep-2021 10:44:32 GMT
652294
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294?page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A2%3Adp%3A1%3Als%3A591589251095%3Ahid%3A168314377%3Az%3A0%3Ai%3A202109190104432%3Aet%3A1632048272%3Ac%3A1%3Arn%3A166849892%3Arqn%3A2%3Au%3A1632048269587269209%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1632048267662%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632048272%3At%3AAccount%20Suspended%20-%20Ask.fm
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
last-modified
Sun, 19-Sep-2021 10:44:32 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 19-Sep-2021 10:44:32 GMT
Cookie set vpaid
moevideo.biz/embed/ Frame A80B 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1709/vpaid/vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.5 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f22.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
56b7d95bd2490a0efc934576c70d90f0f20ca5c7a9fa73f8d3039270cc06bd57

Request headers

Host
moevideo.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
nginx
Date
Sun, 19 Sep 2021 10:44:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.38
Set-Cookie
mvuid=5ffeda0c9201bc2a2204;expires=Mon, 19-Sep-2022 13:44:32 GMT;Max-Age=31536000;path=/;SameSite=None mvsid=4ad20550-e132-4097-8259-d34b88eec1ca;path=/;SameSite=None
X-My-Adv-Time
0.00205302238464
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Sun, 19 Sep 2021 10:44:32 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.014
X-Mv-Embed-Version
1373
X-My-Name
s41
X-My-Reqtime
0.100
Content-Encoding
gzip
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.41 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:32 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 7517 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:32 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
jstracer
an.yandex.ru/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
styles.css
moevideo.biz/embed/player/1709/skins/gray/ Frame A80B 		54 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1709/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.5 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f22.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Sep 2021 10:18:41 GMT
Server
nginx
X-My-Name
s46
ETag
W/"61446b81-d99f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
0.094
mvplayer.min.js
moevideo.biz/embed/player/1709/ Frame A80B 		580 KB
580 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1709/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.5 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f22.moevideo.net
Software
nginx /
Resource Hash
9317a9cd57258303a024b21f948fed0f30cd76fc3a0ec40df519366fa6acf54c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:32 GMT
Last-Modified
Fri, 17 Sep 2021 10:19:43 GMT
Server
nginx
X-My-Name
s20
ETag
"61446bbf-90fbc"
Content-Type
application/javascript
Content-Length
593852
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.094
set
playreplay.me/api/cookie/ Frame A80B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%225ffeda0c9201bc2a2204%22},{%22key%22:%22mvsid%22,%22value%22:%224ad20550-e132-4097-8259-d34b88eec1ca%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.52 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.090
set
thesame.tv/api/cookie/ Frame A80B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%225ffeda0c9201bc2a2204%22},{%22key%22:%22mvsid%22,%22value%22:%224ad20550-e132-4097-8259-d34b88eec1ca%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.191 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.089
set
moevideo.biz/api/cookie/ Frame A80B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%225ffeda0c9201bc2a2204%22},{%22key%22:%22mvsid%22,%22value%22:%224ad20550-e132-4097-8259-d34b88eec1ca%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.5 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f22.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.086
set
cs-0.moevideo.biz/api/cookie/ Frame A80B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%225ffeda0c9201bc2a2204%22},{%22key%22:%22mvsid%22,%22value%22:%224ad20550-e132-4097-8259-d34b88eec1ca%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.162.23 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.001
set
playreplay.net/api/cookie/ Frame A80B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%225ffeda0c9201bc2a2204%22},{%22key%22:%22mvsid%22,%22value%22:%224ad20550-e132-4097-8259-d34b88eec1ca%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=aJfn%2B3ZiwaILh2VwXgVNdGMpjxfzoF1hMSaTwZ32RDxZTfanUc%2FF7RBy05EillCa&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Flycrastraw05&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1709
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.42 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.086
ad
v.lkqd.net/ Frame 7A2A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=87853167&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.147 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
5df1f24192de52924611853a60854ef1e0086e6f5fb893522ec8081614f6642e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:32 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1413
vpaid.js
ad.lkqd.net/vpaid/ Frame 2338 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:32 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632048272.cds017.fr8.hn,1632048272.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
storage.html
moe.video/ Frame 200B 		0
0
truncated
/ Frame A80B 		313 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
usync.html
ad.lkqd.net/cookie-sync/ Frame 87D3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
lkqdidts=1632048269; sr99=1||1632048269; sr103=1||1632048269; lkqdid=Ooizg53MgUw; sr94=1|3575105492101173848|1632048269; sr59=1|CAESEOYE-hvigrhK2JcEMDv5LTw|1632048269; sr102=1|da939857-8493-49f0-9a8e-0e27f15610e8|1632048269; sr6=1||1632048269; sr23=1||1632048269; sr45=1||1632048269; sr55=1||1632048269; sr76=1||1632048269; sr80=1||1632048269; sr86=1||1632048269; sr22=1|e6d21897-77c4-4383-9f0a-fc391dcd53d0|1632048269; sr25=1|03030001_6147148de301c|1632048270; sr7=1|RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003|1632048270; sr12=1|309b7fe6-7282-4794-81be-0bd85dd04cb6|1632048270; sr52=1|YUcUjQACtM9MRQAR|1632048270; sr43=1|309b7fe6-7282-4794-81be-0bd85dd04cb6|1632048270; sr46=1|309b7fe6-7282-4794-81be-0bd85dd04cb6|1632048270; sr53=1|2gEDIch4uyZM|1632048270; sr39=1|2929066073851811149|1632048270; sr90=1|4c_ff0adb9d-f533-4871-baac-494f3e9d14cc|1632048270; sr97=1|ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553|1632048270; sr85=1|18072662189313244133|1632048270; sr93=1|rdyLQCDWQitXDViO_ljYldiDct8|1632048270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 19 Sep 2021 10:44:32 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632048272.cds017.fr8.hn,1632048272.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=87853167&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.147 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:32 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 2338 		65 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Flycrastraw05&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=87853167&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.147 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
da9a72780fd88f39ec5f4723b3a92be503c670efc54bd8e7c7a53949a540e743

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5008
optad360.js
serving.stat-rock.com/player/ 		307 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:32 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 07:45:44 GMT
server
nginx
etag
W/"6135c728-4caf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
prebid
ib.adnxs.com/ut/v3/ 		19 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:32 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e35657df-f9a8-4cd8-aeab-6ea327f6d821
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ 		5 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPWI0ZTU4ZWJjLTZiY2UtNDI2Mi1hZTkxLWE5Yzc1YmFkOTMyNyZyY3VyPVBMTg%3D%3D&pt=gross&stid=39201ec7-fe7d-47a9-8b7b-89c96d8e53c7&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		19 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:32 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f2d402b2-25bb-4f49-ac86-5880015734f4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 9F7E 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.38 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.128.41 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:33 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=168314377&page-url=https%3A%2F%2Fask.fm%2Flycrastraw05&rn=580219798&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632048273%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A202109190104433%3Au%3A1632048269587269209%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632048273
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
last-modified
Sun, 19-Sep-2021 10:44:33 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 19-Sep-2021 10:44:33 GMT
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Cookie set lycrastraw05
ask.fm/ 		12 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/lycrastraw05
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.145 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
55f994f7cd2a144b83066c1142cf02cbed5c3e8d339e95aa44f741a7e31f4ca4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/lycrastraw05
Cookie
locale=de; uuid=95477300-0821-400f-8ddc-c005e63ddea4; country=DE; _m_ask_fm_session=aGR4allLcTBQbmRxUSt4MnVpSnE1WlBqakNWUjhaMTBjQ0JNbkNvRlVwSUpraEttbEpaTkhNZFJUVXpRWExiWGZQK2ZPdGI5eGpEdW52dXlZNVZJa01oUFJzRm5IOElRM3hseW1DRTlHL3VPSFRFZnl6ODVtRnJvMVkwWWRmZisyQUxBWHNva2JtK1NZeUV5cEg0VmJRK1JmRi9jc2hMSXVuVTZCVm1va3dua2h4aUUyWmdHQkVrQndqdU1mcFBDQkhuT0pqUzU3V29na2dzVHA3ZEhUODBtbEptem1PS1Aza05uc1hSMnZXQ3RaMUhranNxTU5kNmRIb1BzMVpoTS0tSE44dVJaV1UvRFlxSmdGelRWemovUT09--9a6505ae3fd032f43b0d596793ed134678b81628; _ym_uid=1632048269587269209; _ym_d=1632048269; _ym_isad=2; _ym_visorc=w; _awl=2.1632048269.0.4-65866f0c-fc335a5051c222e5f3001831151a5eca-6763652d6575726f70652d7765737431-6147148d-0; _ga=GA1.2.1900948922.1632048270; _gid=GA1.2.1978203435.1632048270; _gat_UA-12308109-15=1; _pbjs_userid_consent_data=6683316680106290; cto_bidid=0_XjB19IcHp3OEs5U2VLcmtnNk5vY0w2S25yM3BHeTljTHI4ODNsdTNVdlpZOWZBUHg0UndZVm9RWEZJQ254a21PYTV0MlZtdG9DaDA4TXZFYUMyRTRwRmdJdyUzRCUzRA; cto_bundle=vX9qPF9BQ1c1UDglMkY2cEdObkoyeVA3eGJGTjhSUDlrWUJydjI3eXVBJTJCTXFqb3c3N3FqeDI0d05XTDZRWHBJWEdtYUJFNnFsR2V0eEJsSmlaZHB2ZHBtbTl6bUUyY3NPSFVNYmRZNGxsNUI0Y2wyZkklM0Q; freewheel-detected-bandwidth=781
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/lycrastraw05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
text/html; charset=utf-8
Status
410 Gone
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Mon, 19 Sep 2022 16:44:33 GMT _m_ask_fm_session=OFd5UVhkdVkxYzBrRWtWQ0F3UWN0Y1lNVFVSRjJDYnpySTQvaUtxSDJramNYOVZYZjR5dUYxTy92cXlQcEVhdmJJdXEyLzdXSTFxWHhSc3VxMHZvbmI0T2xuNkhGMWRlajdhNVFhSWx2QUFiY051SFM0MUNyOTJjNS85SjAxTU5aSFRhUVV0MytjMUFlTG5SS1NySEhwQlF1NjR6QnBXa1h6RDI2YWtmMENBVlRXWnY2UkZCLytnT0ZpZW9Dc25HakQySmZQVzlNclQvRnNyZytRZ1RMcDk3S2tOMUFSbmZ6bnVZVEtnK21kd0Z2c3B1dytsc1RLc05meDJWS0lpai0tV0JWZ3BVTFc2SGZuSDZ3ekV6Q1ZqZz09--3ccfcd1979483c73976fac146c99bff988462122; path=/; expires=Wed, 22 Sep 2021 10:44:33 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632048273244.821&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flycrastraw05&t=246&v=96&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.8904962220890962
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:33 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632048273244.821&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flycrastraw05&t=251&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.24651739935517147
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:33 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1874170799&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1874170799&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.vie...
249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1874170799&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=54345&hp=1&a.y_rid=ef842351-55b8-4d25-be40-492241ba44ec&a.is_yahoo=3&redirect_y=dHM9MTYzMjA0ODI3MzI5MC40NzkwMDQ6dXVpZD0iMjE2NTg3MDYxNzM0OTUxOTIwX19USU1FX18yMDIxLTA5LTE5KzAzJTNBNDQlM0EzMCI6YXBpZD1WQTkxNzU2NjIxLTE5MzYtMTFlYy1iNjZjLTA2OGNhOTNmMWI3MzpyZXF1ZXN0X2lkPWVmODQyMzUxLTU1YjgtNGQyNS1iZTQwLTQ5MjI0MWJhNDRlYw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1874170799&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=54345&hp=1&a.y_rid=ef842351-55b8-4d25-be40-492241ba44ec&a.is_yahoo=3&redirect_y=dHM9MTYzMjA0ODI3MzI5MC40NzkwMDQ6dXVpZD0iMjE2NTg3MDYxNzM0OTUxOTIwX19USU1FX18yMDIxLTA5LTE5KzAzJTNBNDQlM0EzMCI6YXBpZD1WQTkxNzU2NjIxLTE5MzYtMTFlYy1iNjZjLTA2OGNhOTNmMWI3MzpyZXF1ZXN0X2lkPWVmODQyMzUxLTU1YjgtNGQyNS1iZTQwLTQ5MjI0MWJhNDRlYw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
245554
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245554?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=846745091&player_width=400&player_height=225&regs[gdpr]=0&device[geo][lat]=32.7889&device[geo][lon]=-96.8021&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C12506562284512096039809195546%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000408
X-SpotX-Timing-SpotMarket
0.008368
X-SpotX-Timing-Page-Mux
0.000239
X-SpotX-Timing-Page-Require
0.000338
X-fe
064
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000006
Content-Length
77
X-SpotX-Timing-Page
0.011988
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000312
Last-Modified
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.008368
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.002307
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C12020624684512096039809195546,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632048273142055-422
Expires
Sun, 19 Sep 2021 10:44:33 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C802563514512096039809195546,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
18d4e2d053781366c1da2922b86ae1d48fe4321a03d6e36fc9b27f0048d19d5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1154
x-sticky-vk
1632048273279025-338
Expires
Sun, 19 Sep 2021 10:44:33 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7480737&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C45120960398091955461195271697,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632048273284006-396
Expires
Sun, 19 Sep 2021 10:44:33 GMT
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=971292&t=2&url=https%3A%2F%2Fask.fm%2Flycrastraw05
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
x.vindicosuite.com/ 		0
0
13502463
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/13502463?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C4512096039809195546124387679,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c95c9de23ec8d59b17e6ec15bf45ead215753dd7a4944e735dfc3dec6bfe50b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632048273278009-334
Expires
Sun, 19 Sep 2021 10:44:33 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1705485577&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1705485577&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.hei...
249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1705485577&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=0b3245fb-a994-4d68-bffe-7e809b900348&a.is_yahoo=3&redirect_y=dHM9MTYzMjA0ODI3MzI4Ni4yMzA3MTM6dXVpZD0iMjE2NTg3MDYxNzM0OTUxOTIwX19USU1FX18yMDIxLTA5LTE5KzAzJTNBNDQlM0EzMCI6YXBpZD1WQTkxNzU2NjIxLTE5MzYtMTFlYy1iNjZjLTA2OGNhOTNmMWI3MzpyZXF1ZXN0X2lkPTBiMzI0NWZiLWE5OTQtNGQ2OC1iZmZlLTdlODA5YjkwMDM0OA==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1705485577&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Flycrastraw05&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=0b3245fb-a994-4d68-bffe-7e809b900348&a.is_yahoo=3&redirect_y=dHM9MTYzMjA0ODI3MzI4Ni4yMzA3MTM6dXVpZD0iMjE2NTg3MDYxNzM0OTUxOTIwX19USU1FX18yMDIxLTA5LTE5KzAzJTNBNDQlM0EzMCI6YXBpZD1WQTkxNzU2NjIxLTE5MzYtMTFlYy1iNjZjLTA2OGNhOTNmMWI3MzpyZXF1ZXN0X2lkPTBiMzI0NWZiLWE5OTQtNGQ2OC1iZmZlLTdlODA5YjkwMDM0OA==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
connectmyusers.php
cdn.connectad.io/ Frame BA40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.8.174 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
referrer-policy
same-origin
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6912382d4cd92788-PRG
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
onetag-sys.com/usync/ Frame E66C 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1632048272932
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1632048272932
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 7F98 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1632048270340
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1632048270340
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5C65 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=7552174661885202278
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 17 Sep 2021 04:50:42 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 19 Sep 2021 10:44:33 GMT
Age
21227
X-Served-By
cache-lga21981-LGA, cache-hhn4050-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 393247
X-Timer
S1632048274.513444,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C5B8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=7552174661885202278
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 17 Sep 2021 04:50:42 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 19 Sep 2021 10:44:33 GMT
Age
21227
X-Served-By
cache-lga21981-LGA, cache-hhn4050-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 393246
X-Timer
S1632048274.510832,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame B331 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sun, 19 Sep 2021 10:44:33 GMT
Content-Length
1151
Connection
keep-alive
apacdex
sync.quantumdex.io/usersync/ Frame 7866 		3 KB
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d400777b87e1784e51ba483bcf3e30e93b0ed42ee11d704389a90622011fd88e

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/apacdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
uid=0f7a9dff-7ff4-47e6-a817-faf34a9be68c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
content-type
text/html
set-cookie
uid=0f7a9dff-7ff4-47e6-a817-faf34a9be68c; expires=Sat, 09 Oct 2021 10:44:33 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6912382d595027b8-PRG
content-encoding
gzip
sspmatch-iframe
ads.betweendigital.com/ Frame 7094 		657 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
823270c5174fb48d3cd9a170169cf2c48db77e3ce73928e726dc5cd8d2dc0570

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
dc=was1; tuuid=9e892092-e903-5306-ad7d-a9bfcc3abd31; ut=YUcUjgAFmZjeaY2wNpwe-IjdJFxxltoP6SinDQ==; ss=1; unm=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
set-cookie
unm=; Max-Age=0; Expires=Sun, 19 Sep 2021 10:44:33 GMT; Path=/; SameSite=None; Secure
content-length
657
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
Cookie set lycrastraw05
ask.fm/ 		12 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/lycrastraw05
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.145 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
963142571d0dc1b6b3a83146d5fb74450bbfad0a53fbf7ecca79d7e6eca67b66
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/lycrastraw05
Cookie
locale=de; uuid=95477300-0821-400f-8ddc-c005e63ddea4; country=DE; _ym_uid=1632048269587269209; _ym_d=1632048269; _ym_isad=2; _ym_visorc=w; _awl=2.1632048269.0.4-65866f0c-fc335a5051c222e5f3001831151a5eca-6763652d6575726f70652d7765737431-6147148d-0; _ga=GA1.2.1900948922.1632048270; _gid=GA1.2.1978203435.1632048270; _gat_UA-12308109-15=1; _pbjs_userid_consent_data=6683316680106290; cto_bidid=0_XjB19IcHp3OEs5U2VLcmtnNk5vY0w2S25yM3BHeTljTHI4ODNsdTNVdlpZOWZBUHg0UndZVm9RWEZJQ254a21PYTV0MlZtdG9DaDA4TXZFYUMyRTRwRmdJdyUzRCUzRA; cto_bundle=vX9qPF9BQ1c1UDglMkY2cEdObkoyeVA3eGJGTjhSUDlrWUJydjI3eXVBJTJCTXFqb3c3N3FqeDI0d05XTDZRWHBJWEdtYUJFNnFsR2V0eEJsSmlaZHB2ZHBtbTl6bUUyY3NPSFVNYmRZNGxsNUI0Y2wyZkklM0Q; freewheel-detected-bandwidth=781; _m_ask_fm_session=OFd5UVhkdVkxYzBrRWtWQ0F3UWN0Y1lNVFVSRjJDYnpySTQvaUtxSDJramNYOVZYZjR5dUYxTy92cXlQcEVhdmJJdXEyLzdXSTFxWHhSc3VxMHZvbmI0T2xuNkhGMWRlajdhNVFhSWx2QUFiY051SFM0MUNyOTJjNS85SjAxTU5aSFRhUVV0MytjMUFlTG5SS1NySEhwQlF1NjR6QnBXa1h6RDI2YWtmMENBVlRXWnY2UkZCLytnT0ZpZW9Dc25HakQySmZQVzlNclQvRnNyZytRZ1RMcDk3S2tOMUFSbmZ6bnVZVEtnK21kd0Z2c3B1dytsc1RLc05meDJWS0lpai0tV0JWZ3BVTFc2SGZuSDZ3ekV6Q1ZqZz09--3ccfcd1979483c73976fac146c99bff988462122
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/lycrastraw05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
text/html; charset=utf-8
Status
410 Gone
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Mon, 19 Sep 2022 16:44:33 GMT _m_ask_fm_session=ZFF4WUVpWGpvUjhkbFBMM3FsdzJEUUdacmI0NG5YZ2t4WUZ6UGJtUDhrbGFnTlB4bG5QZk9yZWNoSGVkdHRTU25xZ0VTSTQ2eWhpTzRhWGxGZTBJN2NielVkVHB4RlJlZndtSWt4a3BvS3NrN1lxWTlvNFpZNElyMXFSM29OWnJBeGhVU0hFclhWMmVPUWlrb0MvNjJCcXlkeDhhbVU2Z05Fb252TmpKa0NSK3pORlEvSGNIWU0rYXd2SEp3dVl1d1JhMlovY2dZYkFpWkNKR1ExZlc3bjhKYXFPc1lQYnZvVHRiVzJwSjVjcU1iZjB0eWxjWWFzN29XZ0Y3L2tLVS0tclMzVlFlQVZFNjdvZXBwT0FDazBkQT09--aad2561c361d263bb99afad677762687b0a349e0; path=/; expires=Wed, 22 Sep 2021 10:44:33 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632048273244.821&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flycrastraw05&t=513&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.9190178738484931
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:33 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame C5B8 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f9c711dc-9622-4d1d-b37c-dd6895d405a7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5C65 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0e473f37-9d44-4503-b21e-600d628bdf4b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F871
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
dd115917de8a98164ba85453d9a5e474f9549825cf2897df7bf66b0a343b1906

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YUcUkdb7XbajWacn3am5dQAA; CMPS=3194
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|230|39|206|196|5|109
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1575
Expires
Sun, 19 Sep 2021 10:44:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Connection
keep-alive
Set-Cookie
CMID=YUcUkdb7XbajWacn3am5dQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Sep 2022 10:44:33 GMT CMPS=3194;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Dec 2021 10:44:33 GMT CMPRO=1168;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Dec 2021 10:44:33 GMT CMRUM3=056147149105a0&6d6147149105a0&c46147149105a0&ce6147149105a0&f16147149105a0&2d6147149105a0&27614714910b40&e6614714912760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Sep 2022 10:44:33 GMT CMST=YUcUkWFHFJEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Sep 2021 10:44:33 GMT

Redirect headers

Server
Apache
Content-Length
329
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 19 Sep 2021 10:44:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Connection
keep-alive
Set-Cookie
CMID=YUcUkdb7XbajWacn3am5dQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Sep 2022 10:44:33 GMT CMPS=3194;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Dec 2021 10:44:33 GMT
match
ads.betweendigital.com/ Frame 7094
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=309b7fe6-7282-4794-81be-0bd85dd04cb6
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=309b7fe6-7282-4794-81be-0bd85dd04cb6
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4480dc6e-fe87-44d5-acba-ccec77bf627e&ssp=between&expires=30&user_group=5&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=309b7fe6-7282-4794-81be-0bd85dd04cb6
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=309b7fe6-7282-4794-81be-0bd85dd04cb6
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=309b7fe6-7282-4794-81be-0bd85dd04cb6
Date
Sun, 19 Sep 2021 10:44:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame 7094
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7b3omNlOKAR.AikABlF7_ahZmQ
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7b3omNlOKAR.AikABlF7_ahZmQ
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f12-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7b3omNlOKAR.AikABlF7_ahZmQ
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 7094
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=031335c8d552ed242f81a912
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=031335c8d552ed242f81a912
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=031335c8d552ed242f81a912
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
match
ads.betweendigital.com/ Frame 7094
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=9e892092-e903-5306-ad7d-a9bfcc3abd31
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiRqZyKBlIFvp7KygpiJDllODkyMDkyLWU5MDMtNTMwNi1hZDdkLWE5YmZjYzNhYmQzMQ**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiRqZyKBlIFvp7KygpiJDllODkyMDkyLWU5MDMtNTMwNi1hZDdkLWE5YmZjYzNhYmQzMaIBEJOrCjgZNhHspukAJZDIJDc*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABiRqZyKBmIkOWU4OTIwOTItZTkwMy01MzA2LWFkN2QtYTliZmNjM2FiZDMxogEQk6sKOBk2Eeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARiRqZyKBmIkOWU4OTIwOTItZTkwMy01MzA2LWFkN2QtYTliZmNjM2FiZDMxogEQk6sKOBk2Eeym6QAlkMgkNw**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=93ab0a38-1936-11ec-a6e9-002590c82437
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=93ab0a38-1936-11ec-a6e9-002590c82437
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=93ab0a38-1936-11ec-a6e9-002590c82437
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
bidder_18.html
cache.betweendigital.com/code/ Frame 8CD7 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9e892092-e903-5306-ad7d-a9bfcc3abd31&CACHEBUSTER=75751
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.19 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

:method
GET
:authority
cache.betweendigital.com
:scheme
https
:path
/code/bidder_18.html?USER_ID=9e892092-e903-5306-ad7d-a9bfcc3abd31&CACHEBUSTER=75751
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.betweendigital.com/
accept-encoding
gzip, deflate, br
cookie
dc=was1; tuuid=9e892092-e903-5306-ad7d-a9bfcc3abd31; ut=YUcUjgAFmZjeaY2wNpwe-IjdJFxxltoP6SinDQ==; ss=1; unm=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:33 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
dcm
s.amazon-adsystem.com/ Frame F871
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
48CYG9GV9AGWYRXRX07W
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
A33JY4F32N26GDZZAZZT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F871
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YUcUkdb7XbajWacn3am5dQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDFqeTomoQ_Ymc15KsMqfa4&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDFqeTomoQ_Ymc15KsMqfa4&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 19 Sep 2021 10:44:33 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDFqeTomoQ_Ymc15KsMqfa4&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F871
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPxZmSt5ln91K5Y64jMoYN4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPxZmSt5ln91K5Y64jMoYN4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 19 Sep 2021 10:44:33 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPxZmSt5ln91K5Y64jMoYN4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F871 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame F871 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame F871
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 19 Sep 2021 10:44:33 GMT

Redirect headers

date
Sun, 19 Sep 2021 10:44:33 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ix
ad4m.at/ad/sim/ Frame F871 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.192.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame F871
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=407174d116544d388dfede98d8164bc5&expiration=1634640273
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=407174d116544d388dfede98d8164bc5&expiration=1634640273
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 19 Sep 2021 10:44:33 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=407174d116544d388dfede98d8164bc5&expiration=1634640273
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F871 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YUcUkdb7XbajWacn3am5dQAA%261168
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2536
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 19 Sep 2021 11:26:49 GMT
ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553
sync.1rx.io/usersync3/centro/2064/ Frame 7866
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2064%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7691283569
  • https://sync.1rx.io/usersync3/centro/2064/ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553?zcc=0&sspret=1&rndcb=7691283569
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/centro/2064/ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553?zcc=0&sspret=1&rndcb=7691283569
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.1rx.io/usersync3/centro/2064/ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553?zcc=0&sspret=1&rndcb=7691283569
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
sync.quantumdex.io/ Frame 7866
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-iGxdz7pE2uHWgo0kMiaXFqhCrdu83ZBQFLHeaHk-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-iGxdz7pE2uHWgo0kMiaXFqhCrdu83ZBQFLHeaHk-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382e8b1527b8-PRG
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-iGxdz7pE2uHWgo0kMiaXFqhCrdu83ZBQFLHeaHk-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 7866
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9359d251-acf6-449e-aa1f-7a3ab56ed05e
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9359d251-acf6-449e-aa1f-7a3ab56ed05e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382fcca927b8-PRG
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=9359d251-acf6-449e-aa1f-7a3ab56ed05e
date
Sun, 19 Sep 2021 10:44:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382e5abf27b8-PRG
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame 7866
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7552174661885202278
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7552174661885202278
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382e8aff27b8-PRG
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d9009834-513d-4785-b30e-8017491083a5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7552174661885202278
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 7866
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=VA91756621-1936-11ec-b66c-068ca93f1b73
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=VA91756621-1936-11ec-b66c-068ca93f1b73
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=VA91756621-1936-11ec-b66c-068ca93f1b73
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382e8b1827b8-PRG
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=VA91756621-1936-11ec-b66c-068ca93f1b73
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 7866
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:29 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 19 Sep 2021 10:44:29 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 7866
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=4f993473-8b2c-4562-8833-87e9f4dbf18f
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=4f993473-8b2c-4562-8833-87e9f4dbf18f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382f6c4427b8-PRG
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=4f993473-8b2c-4562-8833-87e9f4dbf18f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 7866
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7552174661885202278
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7552174661885202278
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382f4c1827b8-PRG
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
X-Proxy-Origin
216.131.114.223; 216.131.114.223; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ed01e509-3d20-4000-842c-137132986a01
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7552174661885202278
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 7866
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bf08edc6-a639-45b6-b095-52d4eb2b8e3a
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bf08edc6-a639-45b6-b095-52d4eb2b8e3a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382f4c1a27b8-PRG
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bf08edc6-a639-45b6-b095-52d4eb2b8e3a
date
Sun, 19 Sep 2021 10:44:33 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 7866
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=031335c8d552ed242f81a912
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=031335c8d552ed242f81a912
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382f6c4127b8-PRG
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=031335c8d552ed242f81a912
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 12F2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
cd73ff1a854f93431baaa2191591aa037ea1ab208078f86a5470cae07a4a8f2e

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YUcUkdb7XbajWacn3am5dQAA; CMPS=3194; CMPRO=1168; CMRUM3=056147149105a0&6d6147149105a0&c46147149105a0&ce6147149105a0&f16147149105a0&2d6147149105a0&27614714910b40&e6614714912760; CMST=YUcUkWFHFJEA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|4|3|31|241|39|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1696
Expires
Sun, 19 Sep 2021 10:44:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Connection
keep-alive
Set-Cookie
CMID=YUcUkdb7XbajWacn3am5dQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Sep 2022 10:44:33 GMT CMPS=3194;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Dec 2021 10:44:33 GMT CMPRO=1168;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 18 Dec 2021 10:44:33 GMT CMRUM3=2e6147149105a0&1f6147149105a00&046147149105a0&036147149105a0&27614714910b40&e6614714912760&2d6147149105a0&f16147149105a0&496147149105a0&c46147149105a0&ce6147149105a0&6d6147149105a0&056147149105a0&586147149105a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Sep 2022 10:44:33 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 2B42 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
c7052bd1173e8ef3b04b05dd298b283423c047d91085df7332b0c804db5003ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Content-Type
text/html
Content-Length
813
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Set-Cookie
__uqc=1; expires=Sun, 19 Sep 2021 12:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uis=82fcd8ef-9100-4893-8d59-9f3243213f28; expires=Tue, 19 Oct 2021 10:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_td=1; expires=Mon, 20 Sep 2021 10:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_bw=1; expires=Sun, 19 Sep 2021 18:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_mm=1; expires=Mon, 04 Oct 2021 10:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_pp=1; expires=Sat, 02 Oct 2021 10:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_zt=1; expires=Sat, 02 Oct 2021 10:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uin_bp=1; expires=Mon, 20 Sep 2021 10:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_bp=1; expires=Sun, 19 Sep 2021 20:20:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_rx=1; expires=Mon, 04 Oct 2021 10:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uin_i5=1; expires=Sun, 19 Sep 2021 11:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_i5=1; expires=Sun, 19 Sep 2021 11:08:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uin_iq=1; expires=Sun, 19 Sep 2021 22:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_iq=1; expires=Sun, 19 Sep 2021 15:32:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_eb=1; expires=Sat, 02 Oct 2021 10:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_so=1; expires=Sat, 02 Oct 2021 10:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uin_tp=1; expires=Sun, 19 Sep 2021 11:44:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_tp=1; expires=Sun, 19 Sep 2021 11:08:33 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None HAPLB5S=s57129|YUcUl; path=/; domain=.go.sonobi.com
Server
sonobi-go
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 75C0 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F6956387-2234-4DCC-A664-B7F021559DFF; chkChromeAb67Sec=1; DPSync3=1633219200%3A201_197_219%7C1632096000%3A174; SyncRTB3=1633219200%3A7_3_13_161_56_220_21_54%7C1633305600%3A35%7C1632614400%3A223; KRTBCOOKIE_57=22776-7552174661885202278; PugT=1632048270; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEB-ARIe0ebetWzlRQn5HYCE&KRTB&16514-CAESEB-ARIe0ebetWzlRQn5HYCE&KRTB&23025-CAESEB-ARIe0ebetWzlRQn5HYCE; KRTBCOOKIE_27=16735-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&16736-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&23019-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&23114-uid:c4ee6147-148f-4400-bd1b-c0137ae18172; KRTBCOOKIE_377=6810-e6d21897-77c4-4383-9f0a-fc391dcd53d0&KRTB&22918-e6d21897-77c4-4383-9f0a-fc391dcd53d0&KRTB&23031-e6d21897-77c4-4383-9f0a-fc391dcd53d0; SPugT=1632048270; KRTBCOOKIE_391=22924-6236202188917376246&KRTB&23263-6236202188917376246; KRTBCOOKIE_336=5844-2010685131617161665; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=57783
expires
Mon, 20 Sep 2021 02:47:36 GMT
date
Sun, 19 Sep 2021 10:44:33 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9EA6 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
PugMaster
image6.pubmatic.com/AdServer/ Frame 75C0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49938560&p=156498&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
62d7a0f570edf5ea1708c9ecbc4664bd33231397af1fe86c422844795fd1f9f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2026
content-type
text/html; charset=UTF-8
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632048273244.821&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flycrastraw05&t=782&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.7142684524585172
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:33 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632048273244.821&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flycrastraw05&t=783&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.4680617052586611
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sun, 19 Sep 2021 10:44:33 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
p
sb.scorecardresearch.com/ 		64 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=37648&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632048273
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
MLsxLeMxITgXu1s74rXvZXB16RVN1fIgi37nRnrLA2zvMClTdCRHQg==
YUcUkdb7XbajWacn3am5dQAABJAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 12F2 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YUcUkdb7XbajWacn3am5dQAABJAAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 12F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 12F2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3575105492101173848
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3575105492101173848
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 19 Sep 2021 10:44:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3575105492101173848
pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 12F2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a4566147-148f-4800-8abb-b8d07b7d6973&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a4566147-148f-4800-8abb-b8d07b7d6973&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 19 Sep 2021 10:44:33 GMT

Redirect headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=a4566147-148f-4800-8abb-b8d07b7d6973&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 19 Sep 2021 10:44:32 GMT
noop
px.owneriq.net/ Frame 12F2
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6853346731919031008&uid=Q6853346731919031008&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.21.100 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
dcm
s.amazon-adsystem.com/ Frame 12F2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:34 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2SPYF7KTSGY903X5JAYZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
K8ANAQWKA7E2WVRNGTY5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUcUkdb7XbajWacn3am5dQAABJAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 12F2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 12F2 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1632048274.811102,VS0,VE93
x-served-by
cache-fra19169-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
setuid
sync.quantumdex.io/ Frame 12F2 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YUcUkdb7XbajWacn3am5dQAABJAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6912382f5c2e27b8-PRG
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 069D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7009593958061176981
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7009593958061176981
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7009593958061176981
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F6956387-2234-4DCC-A664-B7F021559DFF; KRTBCOOKIE_57=22776-7552174661885202278; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEB-ARIe0ebetWzlRQn5HYCE&KRTB&16514-CAESEB-ARIe0ebetWzlRQn5HYCE&KRTB&23025-CAESEB-ARIe0ebetWzlRQn5HYCE; KRTBCOOKIE_27=16735-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&16736-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&23019-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&23114-uid:c4ee6147-148f-4400-bd1b-c0137ae18172; KRTBCOOKIE_377=6810-e6d21897-77c4-4383-9f0a-fc391dcd53d0&KRTB&22918-e6d21897-77c4-4383-9f0a-fc391dcd53d0&KRTB&23031-e6d21897-77c4-4383-9f0a-fc391dcd53d0; SPugT=1632048270; KRTBCOOKIE_391=22924-6236202188917376246&KRTB&23263-6236202188917376246; KRTBCOOKIE_336=5844-2010685131617161665; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1633219200%3A227_201_197_219_221_226%7C1634601600%3A232%7C1632096000%3A174; SyncRTB3=1632614400%3A15_223_2%7C1633219200%3A56_55_3_161_54_71_166_7_13_220_21_81_8_22%7C1633305600%3A35%7C1632873600%3A63%7C1634601600%3A203; KRTBCOOKIE_218=22978-YUcUjQACtM9MRQAR&KRTB&23194-YUcUjQACtM9MRQAR&KRTB&23209-YUcUjQACtM9MRQAR&KRTB&23244-YUcUjQACtM9MRQAR; KRTBCOOKIE_153=19420-gRUpjYYQJd-aEHiLj0YwitUQeIiaFn7chhBTKUhF&KRTB&22979-gRUpjYYQJd-aEHiLj0YwitUQeIiaFn7chhBTKUhF; KRTBCOOKIE_22=14911-3575105492101173848; PugT=1632048272
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 19 Sep 2021 10:44:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7009593958061176981; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 19-Oct-2021 10:44:32 GMT; path=/ PugT=1632048272; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 19-Oct-2021 10:44:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 18-Dec-2021 10:44:32 GMT; path=/
x-lat
amspug005:0:445
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 19 Sep 2021 10:44:33 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7009593958061176981; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7009593958061176981
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 0E23 		0
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.151.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-151-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Content-Length
0
Connection
keep-alive
setuid
sync.quantumdex.io/ Frame 7FBE 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=F6956387-2234-4DCC-A664-B7F021559DFF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.42.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/setuid?bidder=pubmatic&uid=F6956387-2234-4DCC-A664-B7F021559DFF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
uid=0f7a9dff-7ff4-47e6-a817-faf34a9be68c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
content-type
image/gif
content-length
43
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6912382f7c5b27b8-PRG
Artemis
aud.pubmatic.com/AdServer/ Frame 75C0
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F6956387-2234-4DCC-A664-B7F021559DFF&addseg=10,33,39
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F6956387-2234-4DCC-A664-B7F021559DFF&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.87 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Sun, 19 Sep 2021 10:44:33 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F6956387-2234-4DCC-A664-B7F021559DFF&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 75C0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F6956387-2234-4DCC-A664-B7F021559DFF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F6956387-2234-4DCC-A664-B7F021559DFF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F6956387-2234-4DCC-A664-B7F021559DFF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F6956387-2234-4DCC-A664-B7F021559DFF&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 75C0 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F6956387-2234-4DCC-A664-B7F021559DFF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.25.87 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6912382fc8bf4108-PRG
access-control-allow-headers
*
content-length
95
/
loadm.exelator.com/load/ Frame 75C0
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sun, 19 Sep 2021 10:44:33 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
F6956387-2234-4DCC-A664-B7F021559DFF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 75C0 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F6956387-2234-4DCC-A664-B7F021559DFF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 75C0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gRUpjYYQJd-aEHiLj0YwitUQeIiaFn7chhBTKUhF
42 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gRUpjYYQJd-aEHiLj0YwitUQeIiaFn7chhBTKUhF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gRUpjYYQJd-aEHiLj0YwitUQeIiaFn7chhBTKUhF
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 75C0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=pubmatic&gdpr=0&gdpr_consent=
43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=pubmatic&gdpr=0&gdpr_consent=
Date
Sun, 19 Sep 2021 10:44:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 75C0 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F6956387-2234-4DCC-A664-B7F021559DFF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.204 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 75C0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUcUjQACtM9MRQAR&gdpr=0&gdpr_consent=
1 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUcUjQACtM9MRQAR&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:378
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632048274.836619,VS0,VE0
x-served-by
cache-fra19169-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUcUjQACtM9MRQAR&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 75C0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3575105492101173848&gdpr=0&gdpr_consent=&us_privacy=
1 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3575105492101173848&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:731
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3575105492101173848&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 75C0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:492
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 75C0
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:91d1afc0-34b6-4f2e-b5d1-cd4e9c3ec438&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:91d1afc0-34b6-4f2e-b5d1-cd4e9c3ec438&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:420
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:91d1afc0-34b6-4f2e-b5d1-cd4e9c3ec438&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 19 Sep 2021 10:44:34 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
match
ads.betweendigital.com/ Frame 8CD7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=42f3481193e34a4c9aaa0052f81a14c3&ssp=between&bsw_param=309b7fe6-7282-4794-81be-0bd85dd04cb6&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=309b7fe6-7282-4794-81be-0bd85dd04cb6
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=309b7fe6-7282-4794-81be-0bd85dd04cb6
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=309b7fe6-7282-4794-81be-0bd85dd04cb6
Date
Sun, 19 Sep 2021 10:44:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame 2B42
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=e6d21897-77c4-4383-9f0a-fc391dcd53d0&pubid=4d443a3ea2
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=e6d21897-77c4-4383-9f0a-fc391dcd53d0&pubid=4d443a3ea2
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=e6d21897-77c4-4383-9f0a-fc391dcd53d0&pubid=4d443a3ea2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
sync
odr.mookie1.com/t/v2/ Frame 2B42
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=sonobi&gdpr=0&gdpr_consent=
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=sonobi&gdpr=0&gdpr_consent=
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=309b7fe6-7282-4794-81be-0bd85dd04cb6&ssp=sonobi&gdpr=0&gdpr_consent=
Date
Sun, 19 Sep 2021 10:44:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame 2B42
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=a4566147-148f-4800-8abb-b8d07b7d6973
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=a4566147-148f-4800-8abb-b8d07b7d6973
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=a4566147-148f-4800-8abb-b8d07b7d6973
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 19 Sep 2021 10:44:32 GMT
rtset
bh.contextweb.com/bh/ Frame 2B42
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=82fcd8ef-9100-4893-8d59-9f3243213f28&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=THJMWjd3OHVHQnp0OTNQR2tldjVnZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEBltiWxCgYZqiJzfyv0ZpKI&google_cver=1
49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEBltiWxCgYZqiJzfyv0ZpKI&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
de-DE
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-744485c85b-lskss
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEBltiWxCgYZqiJzfyv0ZpKI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 2B42
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878973183544013
49 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878973183544013
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878973183544013
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
insync
thrtle.com/ Frame 2B42
Redirect Chain
  • https://px.britepool.com/sync?p=sonobi&id=82fcd8ef-9100-4893-8d59-9f3243213f28&idtype=GOID&r=int.new.t
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=08c013a4-aef9-4ae2-90f5-ced9e1d513b8
0
0
us.gif
sync.go.sonobi.com/ Frame 2B42
Redirect Chain
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1512%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=21089159
  • https://sync.1rx.io/usersync3/appnexus/1512/7552174661885202278?zcc=0&sspret=1&rndcb=21089159
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-0afc7e10-ea87-479b-a08c-cda...
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
49 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003
date
Sun, 19 Sep 2021 10:44:33 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0afc7e10ea87479ba08ccdacc41f2960003
content-type
text/html
gdpr_consent=
sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/ Frame 2B42
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=82fcd8ef-9100-4893-8d59-9f3243213f28&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOfz9-6Tqkj5ZToyqZB5_CQzBHk6OyrzeR4JoKwQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOfz9-6Tqkj5ZToyqZB5_CQzBHk6OyrzeR4JoKwQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/434/916/8/2.gif?puid=299b64fe-b325-4b53-acf2-d0e8df68f841&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/434/441/7/3.gif?puid=e_0f3baa1e-3ab5-43ab-92b5-d7a47ffba00f&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOfz9-6Tqkj5ZToyqZB5_CQzBHk6OyrzeR4JoKwQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F434%2F124%2F6%2F4.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/434/124/6/4.gif?puid=299b64fe-b325-4b53-acf2-d0e8df68f841&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F146%2F5%2F5.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/434/146/5/5.gif?puid=87118e62-2909-4f94-9436-2ce91b33752c&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEPUhFo_47FO243AWp4bycR8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7552174661885202278&opid=apx&ops=&utidl=tech:goo:CAESEPUhFo_47FO243AWp4bycR8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A20808168499&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00MzQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/434/19/3/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
0
0
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 2B42 		0
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=82fcd8ef-9100-4893-8d59-9f3243213f28
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.49.127 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:34 GMT
via
1.1 d49f413028fbcce32318aa161c4707a1.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
HEL50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
access-control-max-age
3600
access-control-allow-methods
POST, GET
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
aqwNPN5WGi71AgoYtoTOlojNzpusVhCceZpB6L9iHj6yuLtbJW1j8A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
usg.gif
sync.go.sonobi.com/ Frame 2B42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ODJmY2Q4ZWYtOTEwMC00ODkzLThkNTktOWYzMjQzMjEzZjI4
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEFsFE_nARe_dEvtr7Xi3CT4&google_cver=1
49 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEFsFE_nARe_dEvtr7Xi3CT4&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Sep 2021 10:44:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEFsFE_nARe_dEvtr7Xi3CT4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
info2
uipglob.semasio.net/sonobi/1/ Frame 2B42
Redirect Chain
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=82fcd8ef-9100-4893-8d59-9f3243213f28&sInitiator=external
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=82fcd8ef-9100-4893-8d59-9f3243213f28&sInitiator=external
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=82fcd8ef-9100-4893-8d59-9f3243213f28&sInitiator=external
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:32 GMT
frontend-id
4
location
/sonobi/1/info2?sType=sync&sExtCookieId=82fcd8ef-9100-4893-8d59-9f3243213f28&sInitiator=external
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 2B42 		95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=82fcd8ef-9100-4893-8d59-9f3243213f28
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 10:44:33 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
3c894ceb9fb7c1b0
an.yandex.ru/setud/adsniper/ Frame 8CD7
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=93ab0a38-1936-11ec-a6e9-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=93ab0a38-1936-11ec-a6e9-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=wIQP1t5AYGseMgixBYNtKA&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=wIQP1t5AYGseMgixBYNtKA&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=wIQP1t5AYGseMgixBYNtKA&extra2=aidata&google_gid=CAESEO97b7dC2Zs1c8KScirO7hM&google_cver=1
  • https://sync.bumlam.com/?src=ggl&extra1=wIQP1t5AYGseMgixBYNtKA&extra2=aidata&google_gid=CAESEO97b7dC2Zs1c8KScirO7hM&google_cver=1
  • https://an.yandex.ru/setud/adsniper/3c894ceb9fb7c1b0?sign=2949398396
43 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/adsniper/3c894ceb9fb7c1b0?sign=2949398396
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Sep 2021 10:44:34 GMT
content-encoding
gzip
last-modified
Sun, 19 Sep 2021 10:44:34 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 19 Sep 2021 10:44:34 GMT

Redirect headers

Date
Sun, 19 Sep 2021 10:44:34 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://an.yandex.ru/setud/adsniper/3c894ceb9fb7c1b0?sign=2949398396
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame 7053
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9e892092-e903-5306-ad7d-a9bfcc3abd31&CACHEBUSTER=75751
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cache.betweendigital.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Sep 2021 10:44:34 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Sun, 19 Sep 2021 10:44:34 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.js
eus.rubiconproject.com/ Frame 7053 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fc5a3d8c31f507b556827e1ae6de886d8f3d6fae8f15a34dcfd2c8786abacb0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 19 Sep 2021 10:44:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Sep 2021 15:20:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39857
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9357
Expires
Sun, 19 Sep 2021 21:48:51 GMT
khaos.jpg
token.rubiconproject.com/ Frame 7053 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
75751
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 8CD7 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjBlNWEwNDMtNjI4OS02MjhmLTQ3ODMtMWUwOGJhZjNmOWUx
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
moe.video
URL
https://moe.video/storage.html?v=08
Domain
x.vindicosuite.com
URL
https://x.vindicosuite.com/?l=560976&t=x&rnd=362691164&u=https%3A%2F%2Fask.fm%2Flycrastraw05&r=https%3A%2F%2Fask.fm%2Flycrastraw05&ip=216.131.114.223&mediaduration=
Domain
thrtle.com
URL
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=08c013a4-aef9-4ae2-90f5-ced9e1d513b8
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/434/19/3/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
Domain
www.tns-counter.ru
URL
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/75751

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster function| logError function| $ function| jQuery function| PerfectScrollbar object| Turbolinks function| Cursores object| Utils object| Events object| Browser object| Turbolinkz function| Actions object| Ajax object| Mutex function| Pages object| AjaxUI object| ScrollBar object| AnswerCard object| ProfileTabCounters object| ThreadCounters object| Pager object| Config object| Answers undefined| AskfmAd undefined| Atcomplete undefined| Autofocus object| Flash object| Uploads object| Avatar object| Background object| Form object| Button object| Captcha function| Recaptcha2onLoad object| Checkbox object| ConfirmDialog function| Log object| PositionFixedFocus object| FacebookSharing object| Lightbox object| Yandex object| TrackingGoals object| FormXHR object| Gdpr object| GoogleAnalytics undefined| HoverToActive object| LoginCheck object| MassAsk object| Media object| Notifications object| Offers undefined| Optad360 object| PhotoAnswer object| Photopoll object| PopupCallback object| Pymk object| Pyml object| Questions object| SecretAnswers undefined| ServiceWorkerRemoval object| Stream undefined| Tagcomplete object| Toggle object| Tracking object| UpdatePinger undefined| Viads object| Viewport function| admiral object| googletag function| ym function| 4dm1r11545242527 object| Ya object| yaCounter48953915 function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn string| url function| firePixel function| loadVidPlayers object| lkqdSettings object| vpaidLoader object| lkqd object| mobile_blocked_mfs function| lkqd_http_response function| fbAsyncInit object| dataLayer object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| AdSlotCollection object| regeneratorRuntime object| pbjs325474 object| gaplugins object| gaGlobal object| gaData object| __uspClient object| __cmpClient function| avPlayer function| viadsClosePlayer object| __oa360ScriptsState boolean| __isGoogleAllowed function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| sas object| apntag object| _ADAGIO object| storageAni string| viPlayerStatus function| Hls object| pcodeJsonp43709ggx1deE1nD number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __pcodeAllActiveTestIds object| ya boolean| yandex_context_perf_logging object| layoutConfig object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter652294 object| mv42220109

155 Cookies

Domain/Path Name / Value
ask.fm/ Name: locale
Value: de
ask.fm/ Name: uuid
Value: 95477300-0821-400f-8ddc-c005e63ddea4
ask.fm/ Name: country
Value: DE
ask.fm/ Name: _m_ask_fm_session
Value: aGR4allLcTBQbmRxUSt4MnVpSnE1WlBqakNWUjhaMTBjQ0JNbkNvRlVwSUpraEttbEpaTkhNZFJUVXpRWExiWGZQK2ZPdGI5eGpEdW52dXlZNVZJa01oUFJzRm5IOElRM3hseW1DRTlHL3VPSFRFZnl6ODVtRnJvMVkwWWRmZisyQUxBWHNva2JtK1NZeUV5cEg0VmJRK1JmRi9jc2hMSXVuVTZCVm1va3dua2h4aUUyWmdHQkVrQndqdU1mcFBDQkhuT0pqUzU3V29na2dzVHA3ZEhUODBtbEptem1PS1Aza05uc1hSMnZXQ3RaMUhranNxTU5kNmRIb1BzMVpoTS0tSE44dVJaV1UvRFlxSmdGelRWemovUT09--9a6505ae3fd032f43b0d596793ed134678b81628
.ask.fm/ Name: _ym_uid
Value: 1632048269587269209
.ask.fm/ Name: _ym_d
Value: 1632048269
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1183733362fake
.ask.fm/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3446268362fake
.yandex.com/ Name: yandexuid
Value: 6817285061632048268
.yandex.com/ Name: yuidss
Value: 6817285061632048268
mc.yandex.com/ Name: yabs-sid
Value: 2434893921632048268
.yandex.com/ Name: i
Value: utJW4CmLshJNyPqEm+fSb6HsKjsIgMFaqgFYZzTmAE49VyKkgTfmuWdxlKWZP9ico5nFYfOhx7bEuAPx27NsuVbkn7Q=
.yandex.com/ Name: ymex
Value: 1663584268.yrts.1632048268#1663584268.yrtsi.1632048268
.ask.fm/ Name: _ym_visorc
Value: w
.scorecardresearch.com/ Name: UID
Value: 1FEGALTFLSNN4XEQTP8T0Qg1632048269
.bidswitch.net/ Name: tuuid
Value: 309b7fe6-7282-4794-81be-0bd85dd04cb6
.bidswitch.net/ Name: c
Value: 1632048268
.bidswitch.net/ Name: tuuid_lu
Value: 1632048268
.sitescout.com/ Name: ssi
Value: ed2b088e-c783-4afa-979f-b886e4a939b8#1632048268848
.mookie1.com/ Name: id
Value: 10815253768777033580
.mookie1.com/ Name: mdata
Value: 1|10815253768777033580|1632048268966
.mookie1.com/ Name: ov
Value: d6900e33497b82b1053b2ed1597dca5b
.adsrvr.org/ Name: TDID
Value: e6d21897-77c4-4383-9f0a-fc391dcd53d0
.turn.com/ Name: uid
Value: 3575105492101173848
ads.stickyadstv.com/ Name: UID
Value: 4c50b0259ffd9f3d63c8814f698bab
ads.stickyadstv.com/ Name: sessionId
Value: acc69cd41f2595c757e1cdc9f53fc24
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003%22%7D
.tapad.com/ Name: TapAd_TS
Value: 1632048269101
.tapad.com/ Name: TapAd_DID
Value: 94c063c7-898c-49fe-a5d3-9b6d9f6b0000
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.lkqd.net/ Name: lkqdidts
Value: 1632048269
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJlZDJiMDg4ZS1jNzgzLTRhZmEtOTc5Zi1iODg2ZTRhOTM5YjgtNjE0NzE0OGMtNTU1MyIsImV4cGlyZXMiOjE2MzQ2NDAyNjl9fX0=
.lkqd.net/ Name: sr99
Value: 1||1632048269
.lkqd.net/ Name: sr103
Value: 1||1632048269
.doubleclick.net/ Name: IDE
Value: AHWqTUn_M_s0K-sUEktn8GMLuy1JSH1hQNAzAVhpGT1GPXQGDdka2mmk5h7yC-0T1Tg
.lkqd.net/ Name: lkqdid
Value: Ooizg53MgUw
.lkqd.net/ Name: sr94
Value: 1|3575105492101173848|1632048269
c.deployads.com/ Name: d7s_dc
Value: 44NXSTCJihfs8If-1Mp
.lkqd.net/ Name: sr59
Value: 1|CAESEOYE-hvigrhK2JcEMDv5LTw|1632048269
.krushmedia.com/ Name: krm_r
Value: 57
event.clientgear.com/ Name: mkuuid
Value: mk4cd59ccd-95e9-4820-9fc4-d64b2b56af57
.krushmedia.com/ Name: krm_usr
Value: da939857-8493-49f0-9a8e-0e27f15610e8
.lkqd.net/ Name: sr102
Value: 1|da939857-8493-49f0-9a8e-0e27f15610e8|1632048269
.ask.fm/ Name: _awl
Value: 2.1632048269.0.4-65866f0c-fc335a5051c222e5f3001831151a5eca-6763652d6575726f70652d7765737431-6147148d-0
.ask.fm/ Name: _ga
Value: GA1.2.1900948922.1632048270
.ask.fm/ Name: _gid
Value: GA1.2.1978203435.1632048270
.ask.fm/ Name: _gat_UA-12308109-15
Value: 1
.viadata.store/ Name: viads_uid
Value: 8b1f2123-6d83-4d8f-ad47-06de7104bd67
.lkqd.net/ Name: sr6
Value: 1||1632048269
.lkqd.net/ Name: sr23
Value: 1||1632048269
.lkqd.net/ Name: sr45
Value: 1||1632048269
.lkqd.net/ Name: sr55
Value: 1||1632048269
.lkqd.net/ Name: sr76
Value: 1||1632048269
.lkqd.net/ Name: sr80
Value: 1||1632048269
.lkqd.net/ Name: sr86
Value: 1||1632048269
.sitescout.com/ Name: _ssuma
Value: eyIzIjoxNjMyMDQ4MjY5ODkxLCI0IjoxNjMyMDQ4MjY4OTYzLCIzOSI6MTYzMjA0ODI2ODk2MywiNyI6MTYzMjA0ODI2OTg5MSwiNzUiOjE2MzIwNDgyNjk4OTF9
.openx.net/ Name: i
Value: 4f264cd0-0279-03dc-08b5-8c591436047c|1632048269
.dyntrk.com/ Name: dyn_u
Value: 03030001_6147148de301c
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003%22%2C%22nxtrdr%22%3Afalse%7D
.openx.net/ Name: v
Value: 1
.openx.net/ Name: pd
Value: v2|1632048269|vN
ask.fm/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.w55c.net/ Name: wfivefivec
Value: cGhfxgCM1MrUjb5
.spotxchange.com/ Name: audience
Value: 915eb6b6-1936-11ec-a36d-191344880006
.w55c.net/ Name: matchbidswitch
Value: 5
ads.stickyadstv.com/ Name: pxId
Value: 7169
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YUcUjQACtM9MRQAR
.lkqd.net/ Name: sr22
Value: 1|e6d21897-77c4-4383-9f0a-fc391dcd53d0|1632048269
.vindicosuite.com/ Name: cup
Value: CAEQ5LnYAzJJIgwIm9gDEJrSuJQMGAEiDAj72gIQmtK4lAwYASIMCPbaAhCa0riUDBgBIgwI79oC%0D%0AEJrSuJQMGAEwADgAQAFY%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAToAUgBYAIgBAZABAA%3D%3D%0D%0A
.vindicosuite.com/ Name: cug
Value: XigXmSwVyPBanB
.vindicosuite.com/ Name: ct
Value: 1632048269
.lkqd.net/ Name: sr25
Value: 1|03030001_6147148de301c|1632048270
.lkqd.net/ Name: sr7
Value: 1|RX-0afc7e10-ea87-479b-a08c-cdacc41f2960-003|1632048270
.lkqd.net/ Name: sr12
Value: 1|309b7fe6-7282-4794-81be-0bd85dd04cb6|1632048270
.lkqd.net/ Name: sr52
Value: 1|YUcUjQACtM9MRQAR|1632048270
.lkqd.net/ Name: sr43
Value: 1|309b7fe6-7282-4794-81be-0bd85dd04cb6|1632048270
.lkqd.net/ Name: sr46
Value: 1|309b7fe6-7282-4794-81be-0bd85dd04cb6|1632048270
.quantserve.com/ Name: mc
Value: 6147148e-4e18b-0b4e2-2cf14
.advertising.com/ Name: APID
Value: VA91756621-1936-11ec-b66c-068ca93f1b73
.adaptv.advertising.com/ Name: adaptv_unique_user_cookie
Value: "216587061734951920__TIME__2021-09-19+03%3A44%3A30"
.tidaltv.com/ Name: tidal_ttid
Value: 9e53bc2a-b413-4b69-9bb8-aaae9d4067c9
ask.fm/ Name: cto_bidid
Value: 0_XjB19IcHp3OEs5U2VLcmtnNk5vY0w2S25yM3BHeTljTHI4ODNsdTNVdlpZOWZBUHg0UndZVm9RWEZJQ254a21PYTV0MlZtdG9DaDA4TXZFYUMyRTRwRmdJdyUzRCUzRA
ask.fm/ Name: cto_bundle
Value: vX9qPF9BQ1c1UDglMkY2cEdObkoyeVA3eGJGTjhSUDlrWUJydjI3eXVBJTJCTXFqb3c3N3FqeDI0d05XTDZRWHBJWEdtYUJFNnFsR2V0eEJsSmlaZHB2ZHBtbTl6bUUyY3NPSFVNYmRZNGxsNUI0Y2wyZkklM0Q
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4e382c6300834138
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQwByILS3NjQwtjUxMTA0NjIT5DXUNz9whD0yDf8nCvRCleQzNjIwMTCyNzAxMDIwBoxueZNAAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQwByILS3NjQwtjUxMTA0NjIT5DXUNz9whD0yDf8nCvRAD8lwZ8JQAAAA
.sabio.us/ Name: sbid
Value: 2929066073851811149
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 9e892092-e903-5306-ad7d-a9bfcc3abd31
.betweendigital.com/ Name: ut
Value: YUcUjgAFmZjeaY2wNpwe-IjdJFxxltoP6SinDQ==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.quantumdex.io/ Name: uid
Value: 0f7a9dff-7ff4-47e6-a817-faf34a9be68c
.adhaven.com/ Name: uid
Value: 4c_ff0adb9d-f533-4871-baac-494f3e9d14cc
.lkqd.net/ Name: sr53
Value: 1|2gEDIch4uyZM|1632048270
.lkqd.net/ Name: sr39
Value: 1|2929066073851811149|1632048270
.lkqd.net/ Name: sr90
Value: 1|4c_ff0adb9d-f533-4871-baac-494f3e9d14cc|1632048270
.yahoo.com/ Name: APID
Value: VA91756621-1936-11ec-b66c-068ca93f1b73
.yahoo.com/ Name: APIDTS
Value: 1632048270
.yahoo.com/ Name: A3
Value: d=AQABBI4UR2ECEP0VKKDMDm3_j9XVJaxqdpEFEgEBAQFmSGFQYQAAAAAA_eMAAA&S=AQAAAhoQyydEL9eibTVqmi8g6JQ
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 7446a4c55e77d3a444e5bfd00942fe4d
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDcxMUs0STY1TTU3TzFONDExSTVNSksxMLA0MUpLNUlhAIJEd5E%2BEA0FAEp4CjE%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIdBfpA1JQAAAQBQFL"
.lkqd.net/ Name: sr97
Value: 1|ed2b088e-c783-4afa-979f-b886e4a939b8-6147148c-5553|1632048270
.tribalfusion.com/ Name: ANON_ID
Value: aInr6iqkaHbBykt9ZbxaU299A3QRfuU5unUpEb0aHdZaWEVZcFIoXZbTy84ZbIEX7xSVYBUluk3f8
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-addc8b40-20d6-422b-570d-588efe58d895.QafAMSP1ZxZB%2BfKWNaJkN2csBVGiTlpje0eAYOIb%2F5Q
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-addc8b40-20d6-422b-570d-588efe58d895%24ip%24216.131.114.223.2uq5k9B9s5YCfNe6i0mE7dAI61CGbAooR3ou8gEgWEo
.lkqd.net/ Name: sr85
Value: 1|18072662189313244133|1632048270
ask.fm/ Name: freewheel-detected-bandwidth
Value: 781
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.lkqd.net/ Name: sr93
Value: 1|rdyLQCDWQitXDViO_ljYldiDct8|1632048270
.tidaltv.com/ Name: sync-his
Value: H4sIAAAAAAAAADM0srAwsDI0tNA1NABic2MgbalraGQOAM+F8D4ZAAAA
.viadata.store/ Name: viads_sc
Value: %7B%220%22%3A1632048270%2C%2227%22%3A1632048270%7D
.fwmrm.net/ Name: _uid
Value: "l0772_7009593949438367262"
adx.com.ru/ Name: yabbi-user
Value: 6147148fd41e062455878c0b
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l0772_7009593949438367262
ads.stickyadstv.com/ Name: MRM_UID
Value: l0772_7009593949438367262
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESECelEJRtQrBrXXwV5-1rZdE
ads.stickyadstv.com/ Name: uid-bp-892
Value: e6d21897-77c4-4383-9f0a-fc391dcd53d0
.dmg.digitaltarget.ru/ Name: viuserid
Value: 2tkW8X7Whe6F37R7H7Ak
.rutarget.ru/ Name: userId
Value: XuNYC8FBLCxC
.adriver.ru/ Name: cid
Value: ABDb3vNV7sw8kFsAdjnVymg
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-KOr2.a5E2oMV1csvKhPsI9quO5ibLLtE5OVYUnZy~A
.adnxs.com/ Name: uuid2
Value: 7552174661885202278
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F6956387-2234-4DCC-A664-B7F021559DFF
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1633219200%3A201_197_219%7C1632096000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1633219200%3A7_3_13_161_56_220_21_54%7C1633305600%3A35%7C1632614400%3A223
ads.stickyadstv.com/ Name: uid-bp-951
Value: 7552174661885202278
.analytics.yahoo.com/ Name: IDSYNC
Value: "17kh~20hm:18z8~20hm"
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwig9-Dqj9n9ORAFGAEgASgCMgsIoO_jl6bZ_TkQBTgBWghwdWJtYXRpY2AC
.simpli.fi/ Name: suid
Value: B7238F1912B2474FA0315CC16C36FD0B
.mathtag.com/ Name: uuid
Value: a4566147-148f-4800-8abb-b8d07b7d6973
.onaudience.com/ Name: cookie
Value: c760b2aa09d3a3e7
.onaudience.com/ Name: done_redirects109
Value: 1
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7552174661885202278
.pubmatic.com/ Name: PugT
Value: 1632048270
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEB-ARIe0ebetWzlRQn5HYCE&KRTB&16514-CAESEB-ARIe0ebetWzlRQn5HYCE&KRTB&23025-CAESEB-ARIe0ebetWzlRQn5HYCE
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&16736-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&23019-uid:c4ee6147-148f-4400-bd1b-c0137ae18172&KRTB&23114-uid:c4ee6147-148f-4400-bd1b-c0137ae18172
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e6d21897-77c4-4383-9f0a-fc391dcd53d0&KRTB&22918-e6d21897-77c4-4383-9f0a-fc391dcd53d0&KRTB&23031-e6d21897-77c4-4383-9f0a-fc391dcd53d0
.pubmatic.com/ Name: SPugT
Value: 1632048270
ads.stickyadstv.com/ Name: uid-bp-529
Value: a4566147-148f-4800-8abb-b8d07b7d6973
.de17a.com/ Name: guid2
Value: 1.2010685131617161665
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6236202188917376246&KRTB&23263-6236202188917376246
.adform.net/ Name: uid
Value: 1915452342602404608
ads.stickyadstv.com/ Name: uid-bp-617
Value: 1915452342602404608
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2010685131617161665
.aralego.com/ Name: sspid
Value: cb41bc8c-18dc-3154-af2f-25f494709d00
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.yandex.ru/ Name: yandexuid
Value: 6674809351632048271

15 Console Messages

Source Level URL
Text
network error URL: https://ask.fm/lycrastraw05
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9401.bPojp0JScTbDiQ_A375aKF8X-dB3VXdGuyIKnQlmekrY69gFrHysaKBSLs_BlL6DmLSMlByXmHuA5WB7V4A2-g%2C%2C.4aPmggkg_abnLJdt9u0tKBdsltM%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://ask.fm/lycrastraw05
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjBlNWEwNDMtNjI4OS02MjhmLTQ3ODMtMWUwOGJhZjNmOWUx' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Flycrastraw05&cb=1498346751&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5532748520917190917957048773,,') from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjBlNWEwNDMtNjI4OS02MjhmLTQ3ODMtMWUwOGJhZjNmOWUx
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idsync.rlcdn.com/464986.gif?partner_uid=Ooizg53MgUw
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://ask.fm/lycrastraw05
Message:
Access to XMLHttpRequest at 'https://i.connectad.io/api/v2' from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://match.prod.bidr.io/cookie-sync/lkq
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://ask.fm/lycrastraw05
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://cdn.connectad.io/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://ask.fm/lycrastraw05
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.tribalfusion.com
a.vidoomy.com
acdn.adnxs.com
ad.adriver.ru
ad.lkqd.net
ad.turn.com
ad4m.at
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.aralego.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
ads.viralize.tv
adx.adform.net
adx.com.ru
aktrack.pubmatic.com
an.yandex.ru
ap.lijit.com
api.intentiq.com
ask.fm
aud.pubmatic.com
bcp.crwdcntrl.net
bh.contextweb.com
c.deployads.com
c1.adform.net
cache.betweendigital.com
cdn.connectad.io
cdn.jsdelivr.net
cdn.stickyadstv.com
cdn.viadata.store
clientside-video-bidder.rutarget.ru
cm.ctnsnet.com
cm.g.doubleclick.net
cmp.optad360.io
cms.quantserve.com
colossalcoat.com
connect.facebook.net
cs-0.moevideo.biz
cs.krushmedia.com
cs.lkqd.net
d.turn.com
d16vsmxl4d5tw1.cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d5p.de17a.com
dbq8hrmshvuto.cloudfront.net
dis.criteo.com
dmg.digitaltarget.ru
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
event.clientgear.com
get.optad360.io
gu.dyntrk.com
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
js-sec.indexww.com
loadm.exelator.com
logs.viadata.store
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
media.sabio.us
moe.video
moevideo.biz
ms.quantumdex.io
mwzeom.zeotap.com
nxd.adhaven.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pl.viadata.store
playreplay.me
playreplay.net
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.adhigh.net
px.owneriq.net
rtb-msk-2.viadata.store
rtb.adentifi.com
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
serving.stat-rock.com
simage2.pubmatic.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.lkqd.net
tags.bluekai.com
thesame.tv
thrtle.com
token.rubiconproject.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
uscdn.viadata.store
useast.quantumdex.io
v.lkqd.net
viadata.store
vid-io-cle.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tns-counter.ru
x.bidswitch.net
x.vindicosuite.com
x01.aidata.io
yastatic.net
cm.g.doubleclick.net
i.connectad.io
moe.video
sync.crwdcntrl.net
thrtle.com
www.tns-counter.ru
x.vindicosuite.com
104.18.12.5
104.18.15.161
104.21.192.29
104.22.25.87
104.90.192.27
104.92.74.8
13.248.242.197
13.32.121.75
142.250.13.157
142.250.185.130
143.204.101.224
144.76.120.254
146.0.227.109
146.20.128.38
146.20.128.41
146.20.132.147
147.75.38.124
151.101.193.229
151.101.194.49
151.101.65.108
151.139.128.11
151.236.71.19
159.253.128.183
172.217.16.136
172.217.16.142
172.67.42.198
172.67.8.174
173.237.60.36
178.154.131.216
178.162.133.149
178.250.0.157
178.250.0.163
178.62.202.251
18.134.84.15
18.159.118.206
18.66.139.111
18.66.97.70
185.15.175.131
185.29.134.248
185.33.221.88
185.33.221.89
185.64.189.110
185.64.189.114
185.64.190.75
185.64.190.78
185.64.190.87
185.86.138.121
185.94.180.124
185.94.180.125
188.34.131.130
192.96.200.41
193.0.160.129
193.138.77.145
193.232.148.151
195.209.108.47
198.148.27.139
2.21.111.28
2.21.141.175
2.21.141.232
2.21.142.210
205.185.216.42
209.54.177.54
212.82.100.176
213.155.156.185
213.180.204.90
213.19.147.44
23.111.115.172
23.111.115.236
23.111.115.244
23.111.119.12
23.111.211.20
3.123.90.134
3.123.96.39
3.124.16.134
3.126.56.137
3.128.15.210
3.129.250.65
31.13.92.14
31.13.92.36
31.172.81.158
31.172.81.172
34.107.184.81
34.246.212.58
34.248.156.174
34.253.137.48
34.254.143.3
34.98.67.61
35.158.223.21
35.186.193.173
35.186.236.204
35.186.238.232
35.201.96.126
35.201.96.133
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.28
37.157.4.29
46.228.164.11
46.228.164.13
47.252.78.131
51.178.20.140
51.210.112.63
51.38.120.206
51.89.21.8
52.16.151.94
52.209.129.133
52.222.206.223
52.222.250.165
52.28.33.143
52.28.70.35
52.3.173.52
52.49.37.161
52.85.49.127
54.159.9.91
54.175.198.118
54.93.179.96
66.155.71.150
69.173.144.139
72.251.249.14
77.243.60.138
77.88.21.119
8.2.110.134
80.64.106.149
85.114.159.118
89.108.119.43
89.207.16.204
91.228.74.134
92.123.21.100
92.223.103.191
92.223.103.5
92.223.103.52
92.38.138.42
92.38.162.23
96.46.183.20
99.86.4.12
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
07614a22c2173c087c44827333281c8d19658171ae924842ddbcee95c9810915
083f85cc994986db209b861917187fe1a7cfa2f00b92dab083e65c96fcf1def1
0a76103406e7e58113441df8f2771a0f85544abb8f4abbf2ada5639b7326b659
0aa30a272e507b84107d5fde0d3520d6ba45266a7140e33d87397ee9fe87e19d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0dac716fa532a7dcd593342b9449bf7495cfa15d0674ecf68c92bd110c3cc836
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
103574d6ba5bb76a44dc4a2820c2b48a3cc8e53aec735ce81d7537ac1312d107
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18d4e2d053781366c1da2922b86ae1d48fe4321a03d6e36fc9b27f0048d19d5c
1b5ca07e3e40d9393a33ba07118ae2f0ce8af6614a16fec48661ee00ea9da486
1d10c0a4f06fd57f9cb66c5e491e735f39b3e42370aba499c167ba710dee2736
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
24520828af527af21f4bfa4b53d2f0b98633c6ee0f067d3fb8660ad0bd848aa7
2548d480fc7d02eb909e4594827dbd2ce11aa98590b963d050795a273629a044
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29fd98e701df1e6eb21877660f19fceb13f2503b1285a9b8b5339387f4221b36
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
3055111147af6cdf92bfb1e7e11909eb7c44ba5b575587c23c8344f2124448fb
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1
34e2c8fd56ea49d3031f8687e6ee0d70c9cadf846b238d1a3f0450b4020c4570
34efffcbe05d688a8e21796b8afe6b04e9cb0c81a3d1b5002da279a6a6a2fcab
36b6160d09e18dab6ce18a9c836e60aa3725d2896f7280d111ae2b59bf028947
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37dc6349b0c7e3f0136a63ca4d6fb646599963eaac9595a1e93927f6196af734
38c6e9a2b2c0d8fdaeb1ea2028c023811e299daaa0377140aae61fece2707cc0
3a4ba9565a92e6e053a15a32aedb585961e4593446dd41be4fd59a673939ef64
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4407d50fe9dd3fa2e45359583e5f432d822b9758c75ff1d75f42f72325b89e86
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45bfe0ae2ef5a2dae11426e2b4f4ef0a4829c0b6dc40cf0d46c00d759a83ed16
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
46dc458344b1457dd37d1d26b7abd0805791375c213d5b3dd3028d57c8272d40
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
475e1030c91148f296928cd904368353e0d0ba1f7d5ae7019dad9e3f37c02954
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f994f7cd2a144b83066c1142cf02cbed5c3e8d339e95aa44f741a7e31f4ca4
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
56b7d95bd2490a0efc934576c70d90f0f20ca5c7a9fa73f8d3039270cc06bd57
5771e6a4a5394fe2fbf69ae11885eb8a44a92f5a17b3057f5ac293fd7935664c
5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48
5cc6e868a54fc5204b1fe4b960dedddabf6b6254952e5b8f9bd018edef3dcb50
5df1f24192de52924611853a60854ef1e0086e6f5fb893522ec8081614f6642e
5e8cf878439fe3eeac2af6117e89c70c9171ed5b8d91280fdaa90eb507bcc14c
5f91da25c24e6fb0fc2f6b18964b6bb696253b1d13fa9fa32ca8d27f60ec9fee
6140b5825a17e761bd661114496469788b01f3213d98fa10d36becb52c250fff
62d7a0f570edf5ea1708c9ecbc4664bd33231397af1fe86c422844795fd1f9f8
64287b4c9a2645226cada97f6bbacf523f0a96db01c234df59b58c8b1e8367fa
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65c300391db23bc319e01e6b21709e1dd779038f3d7a0e631a6233382cd18a9f
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67eab82c51941ed21bedc57e9863fadaa5dbe7594a0768fb4fc1ccc77691ce24
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
7557f0c0a9c220c27fcad04c8dfe8965a2293eb669987b6a38f0ef513e2aeeb7
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81
7757eaa75e4309441854a823c8e070139c97a03752292ccfe1eb96b1eab7edac
777bdd612275969868adc85cd970c0bf400897e46021fe666b547bbf946f5a3d
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
823270c5174fb48d3cd9a170169cf2c48db77e3ce73928e726dc5cd8d2dc0570
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4
8a9820e7a05173822b9285ee2c2815e16b058bd2c40bc7ca8ba5387f7a6840ae
8a9be8bfc8419ebe2537d3f167ad5587714482dee40c092558b802710ac0a989
8c182804cf2d13297fd231bf09ddee0636c30f7c03379ded73ac5c0500e21082
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
92345f3e8fd3a1799dd256ab4a4ac5abb4fb44a733796defe8c694ebc00fde59
9317a9cd57258303a024b21f948fed0f30cd76fc3a0ec40df519366fa6acf54c
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
963142571d0dc1b6b3a83146d5fb74450bbfad0a53fbf7ecca79d7e6eca67b66
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cd195601e09b99f750a06fc080e51c657cb34fc25fd02f654d219c2dcf1423c
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a0012ac0ff25413fc10aee0f5c3a50b5a8fb7e60a9e8ffd100e1ac7423ac230d
a00cf65999cec39f3cccd0aafebf075a26b3418a7e63de815b4c63f188bab71a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a59cca72696c7253e4e87502491367e030a5a58de1faa41d18eb3258e9cf8448
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a8d9b7d4230d33c693d11ebca3f0a5caaa527ba7718cf6fc761dd14b595bb84c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae1eda05df5d50f31b071d449eeaf12b87b4efce966fa379428e71db3d4a6307
ae6b6597b5dbeb4d943924484c1bbace158b755e4f13b1527bf4e66860e0d73c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b284f4f7a795580338fa3c7e56e5d34d3da02e3c0949754741acc62789f9b743
b50f096b121d4efd0e9c4cd20d2785d89f185315615b1298a531fd8e313132d2
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c
c7052bd1173e8ef3b04b05dd298b283423c047d91085df7332b0c804db5003ff
c7fa53953fd497042fca425fdb560a6969517844da28633e0775b27466423edb
c95c9de23ec8d59b17e6ec15bf45ead215753dd7a4944e735dfc3dec6bfe50b0
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd73ff1a854f93431baaa2191591aa037ea1ab208078f86a5470cae07a4a8f2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa9b4c79e56aaf8e9f53eccd1dcf0e5197bac869d4a38b40dedb42bd6cc22db
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792
d3fe83882585568089145c998223d257dfdd7331de775b8be4c62b3d82534cf1
d400777b87e1784e51ba483bcf3e30e93b0ed42ee11d704389a90622011fd88e
da6bbf37241c9e0c4835441b408a729531bce734425a6b6692d33da138c19e19
da9a72780fd88f39ec5f4723b3a92be503c670efc54bd8e7c7a53949a540e743
dc8edbd118233660ecde9552227385bb65c8a46293043d2a951b29d2b2b0ae71
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd115917de8a98164ba85453d9a5e474f9549825cf2897df7bf66b0a343b1906
dd7534b74da675c6894627f9037f0f37f79ed31cc23d0b1087c53c5b0d1ef793
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58f2cc23685f345a023f18273ab4b4cad1ae57969fef8904ddc6d5bb3f67af3
e79cb8354354203b78995e651affce182a5436d02ae9eb7a1ab159caf7bb6bc0
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea6b30b4297983d5cf1dad71b38528276c1326ed5fbd3fdde6247d3620ab571a
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
eae97793e78261613f01b2fd2ba98c6ed748ceb1741d47c38b12127940df136f
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f14820501394b3cde0acd1e3da24c4fcb18cce0711d6aa3d6941d1165f29c9d8
f50650870c808b86b5ec8ede776f7660b070cd57938f2be1cb2647ebe7c6fd2c
f7c238fbec0404987398a6eb2849b26034faa6c3a2c306d9fd2ef34c2c1190c3
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
faf7d60b05dcf53516a1bfc1b8f3e2e4906d7496a26376bf2c4ba03abb957eb4
fc274b274277e16849345b55e1f7f726dd2af16df68aac563da65364c5acdd0a
fc35b6a76bb702a8e0aa388cf7382965c14420dbe7399dbddab0941b33c4eb82
fc5a3d8c31f507b556827e1ae6de886d8f3d6fae8f15a34dcfd2c8786abacb0a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62