ask.fm Open in urlscan Pro
193.138.77.143 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ask.fm/packetquiver3735
Submission: On September 08 via manual (September 8th 2021, 4:44:24 pm UTC) from IE — Scanned from DE

Summary HTTP 127 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 27 IPs in 9 countries across 24 domains to perform 127 HTTP transactions. The main IP is 193.138.77.143, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 30th 2020. Valid for: a year.

This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.138.77.143 193.138.77.143	395754 (ASK-FM) (ASK-FM)
6	2600:9000:20e... 2600:9000:20e1:6000:11:3771:2e40:21	16509 (AMAZON-02) (AMAZON-02)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
1	35.201.96.133 35.201.96.133	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
23	2600:9000:218... 2600:9000:218d:9600:13:811c:e440:21	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:2117:ee00:c:d85b:b300:21	16509 (AMAZON-02) (AMAZON-02)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
3	3.68.1.119 3.68.1.119	16509 (AMAZON-02) (AMAZON-02)
3 3	52.28.167.107 52.28.167.107	16509 (AMAZON-02) (AMAZON-02)
2 3	216.58.214.66 216.58.214.66	15169 (GOOGLE) (GOOGLE)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 10	104.80.21.36 104.80.21.36	16625 (AKAMAI-AS) (AKAMAI-AS)
6	146.20.128.55 146.20.128.55	27357 (RACKSPACE) (RACKSPACE)
15	146.20.128.140 146.20.128.140	27357 (RACKSPACE) (RACKSPACE)
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
13	146.20.132.120 146.20.132.120	27357 (RACKSPACE) (RACKSPACE)
2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
3	18.159.240.81 18.159.240.81	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:219c:aa00:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
4	23.217.9.140 23.217.9.140	16625 (AKAMAI-AS) (AKAMAI-AS)
2	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4007:813::2001	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
1	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.80.22.145 104.80.22.145	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.140.219.195 3.140.219.195	() ()
127	27

1 193.138.77.143 (Latvia)

ASN395754 (ASK-FM, US)

ask.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20e1:6000:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)

d3r6ceqp4shltl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com

colossalcoat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:218d:9600:13:811c:e440:21 (United States)

ASN16509 (AMAZON-02, US)

d16vsmxl4d5tw1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2117:ee00:c:d85b:b300:21 (United States)

ASN16509 (AMAZON-02, US)

dbq8hrmshvuto.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.68.1.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.167.107 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-167-107.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.214.66 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: par10s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.80.21.36 (Paris, France) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-21-36.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.20.128.55 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 146.20.128.140 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 146.20.132.120 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.159.240.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-240-81.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:219c:aa00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.217.9.140 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-9-140.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:813::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.80.22.145 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-22-145.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.140.219.195 (None, )

ASN- ()

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	lkqd.net ad.lkqd.net v.lkqd.net cs.lkqd.net t.lkqd.net Failed	214 KB
31	cloudfront.net d3r6ceqp4shltl.cloudfront.net d16vsmxl4d5tw1.cloudfront.net dbq8hrmshvuto.cloudfront.net	700 KB
12	stickyadstv.com 2 redirects ads.stickyadstv.com cdn.stickyadstv.com	147 KB
7	yandex.com 2 redirects mc.yandex.com	2 KB
6	pubmatic.com vpaid.pubmatic.com ads.pubmatic.com image6.pubmatic.com Failed vid.pubmatic.com aktrack.pubmatic.com	65 KB
4	advertising.com ads.adaptv.advertising.com adserver.adtech.advertising.com	1 KB
4	vidoomy.com ads.vidoomy.com a.vidoomy.com	7 KB
3	turn.com 3 redirects ad.turn.com	1 KB
3	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
2	adnxs.com ib.adnxs.com	2 KB
2	springserve.com vpaid.springserve.com vid-io-cle.springserve.com	87 KB
2	adform.net adx.adform.net	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	912 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	yandex.ru 1 redirects mc.yandex.ru	72 KB
1	googlesyndication.com tpc.googlesyndication.com	3 KB
1	amazon-adsystem.com s.amazon-adsystem.com	556 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	481 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	263 B
1	colossalcoat.com colossalcoat.com	30 KB
1	ask.fm ask.fm	14 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	adsafeprotected.com Failed static.adsafeprotected.com Failed
127	24

	Domain	Requested by
23	d16vsmxl4d5tw1.cloudfront.net	ask.fm
15	cs.lkqd.net	ad.lkqd.net
13	t.lkqd.net	ad.lkqd.net
10	ads.stickyadstv.com	2 redirects ask.fm ad.lkqd.net cdn.stickyadstv.com vpaid.springserve.com
8	ad.lkqd.net	ask.fm ad.lkqd.net
7	mc.yandex.com	2 redirects ask.fm mc.yandex.ru
6	v.lkqd.net	ad.lkqd.net
6	d3r6ceqp4shltl.cloudfront.net	ask.fm d3r6ceqp4shltl.cloudfront.net
3	ads.adaptv.advertising.com	ad.lkqd.net vpaid.springserve.com
3	ad.turn.com	3 redirects
3	cm.g.doubleclick.net	2 redirects ask.fm
3	x.bidswitch.net	3 redirects
3	a.vidoomy.com	ask.fm
2	ads.pubmatic.com	vpaid.pubmatic.com
2	ib.adnxs.com	vpaid.springserve.com
2	vpaid.pubmatic.com	vpaid.springserve.com blank
2	cdn.stickyadstv.com	ad.lkqd.net cdn.stickyadstv.com
2	adx.adform.net	ad.lkqd.net
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	dbq8hrmshvuto.cloudfront.net	ask.fm
2	mc.yandex.ru	1 redirects d3r6ceqp4shltl.cloudfront.net
1	vid-io-cle.springserve.com	vpaid.springserve.com
1	aktrack.pubmatic.com	ask.fm
1	vid.pubmatic.com	vpaid.pubmatic.com
1	adserver.adtech.advertising.com	colossalcoat.com
1	tpc.googlesyndication.com	colossalcoat.com
1	vpaid.springserve.com	ad.lkqd.net
1	s.amazon-adsystem.com	ask.fm
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	colossalcoat.com	ask.fm
1	ads.vidoomy.com	ask.fm
1	ask.fm
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	sync-tm.everesttech.net Failed	ask.fm
0	static.adsafeprotected.com Failed	ask.fm colossalcoat.com
127	37

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com

Subject Issuer	Validity	Valid
*.ask.fm AlphaSSL CA - SHA256 - G2	`2020-07-30` - `2021-09-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
colossalcoat.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
ad.lkqd.net R3	`2021-07-25` - `2021-10-23`	3 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.springserve.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh

This page contains 19 frames:

Primary Page: https://ask.fm/packetquiver3735
Frame ID: FA771E824CBF5AEA111F1F4977D407DA
Requests: 59 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: CA2FDCE0C79996C068E45C546441C721
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 6C5284A64656CDD33EDD74BB3F1AC4E3
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: CEB6E0B3B9CE78F67D6B7CD74360753C
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C082F896316C05E58D74834C0C3BFE23
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: DEC6509CCED1F4DA4E2B74043CB120C4
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: BA621C6785E95D08014B9E14D7A1728E
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 119C18CF726002B8BC6CA05D18350494
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: B5FBB74134AA8F2422C83D8127D0E260
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7DD77A2F9FA8BA041B66F78E15AAA888
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: CEBFEE2FB4F18247C8066C86F6B00D1D
Requests: 5 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 37A5BCF35E6B95A19953C544BD21C079
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_44854a27.js
Frame ID: 3E757099377CF24A5D55AAC7C36375D1
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&schain=1.0,1!vidoomy.com,54345,1,1631119460582,,
Frame ID: C2FBA078EF71735221AC6F76A6B2E6A9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 04E6C8BDA3059D4664F1D687670F786A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 27B1C6A03D3C3CAA310BDCD9A67F4854
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 9F3407B97738C8E444938A8D2977A724
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 571949E6476F37DC72E0E9B6B3FB111C
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 06A53C915C8D4B7E05EDCC202B3B3146
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account Suspended - Ask.fm

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

127
Requests

90 %
HTTPS

29 %
IPv6

24
Domains

37
Subdomains

27
IPs

9
Countries

1342 kB
Transfer

3198 kB
Size

52
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://about.ask.fm/terms/
Title: Find out more

Search URL Search Domain Scan URL

URL: https://about.ask.fm/?lang=de
Title: Über ASKfm

Search URL Search Domain Scan URL

URL: https://safety.ask.fm/?lang=de
Title: Sicherheits-Center

Search URL Search Domain Scan URL

URL: https://support.ask.fm/
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://safety.ask.fm/community-guidelines/
Title: Gemeinschaftsstandards

Search URL Search Domain Scan URL

URL: https://about.ask.fm/terms/?lang=de
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://about.ask.fm/privacy-policy/?lang=de
Title: Datenschutzrichtlinie

Search URL Search Domain Scan URL

URL: https://about.ask.fm/transparency-report/?lang=de
Title: Transparenzbericht

Search URL Search Domain Scan URL

URL: https://about.ask.fm/cookie-policy/?lang=de
Title: Cookies-Richtlinie

Search URL Search Domain Scan URL

URL: https://about.ask.fm/advertising/?lang=de
Title: Werbung

Search URL Search Domain Scan URL

URL: https://www.facebook.com/askfmpage

Search URL Search Domain Scan URL

URL: https://instagram.com/askfm

Search URL Search Domain Scan URL

URL: https://twitter.com/askfm

Search URL Search Domain Scan URL

URL: https://vk.com/askfm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9390.1s0YygAnHi8RJJ4E-otq8NzVb1JIlybojnbugaIkG8z-JPbaXU9AYWO1lJKHR7jE.694DgNPTnGN5BFZYUDb918cs_O0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9390.UmFEsYcfc1Lly2Eezj2brT_Xy2SihhgFJSw1q-AntqxqU9gyERPYuT8U_sWOYUE1etHpODtnpV-athRacNbelA%2C%2C.9NqYKeS-SABTSn-A4IwQV5nseZM%2C

Request Chain 39

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 40

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=276933411.075723351622228104.776959 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=276933411.075723351622228104.776959 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=ee67bb15-b8d0-459a-a757-a77bc471dbf9&google_hm=ZWU2N2JiMTUtYjhkMC00NTlhLWE3NTctYTc3YmM0NzFkYmY5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=ee67bb15-b8d0-459a-a757-a77bc471dbf9&google_hm=ZWU2N2JiMTUtYjhkMC00NTlhLWE3NTctYTc3YmM0NzFkYmY5&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIe84pMTQh3C5YKkaeDcH74&google_cver=1&ssp=vidoomy&bsw_param=ee67bb15-b8d0-459a-a757-a77bc471dbf9 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ee67bb15-b8d0-459a-a757-a77bc471dbf9

Request Chain 41

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8660872260 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8660872260 HTTP 302
https://sync.1rx.io/usersync/tradedesk/dcbe8866-48a2-4d9f-ae06-61b761f7b37c HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1702692d-b5e6-4cb6-a9a8-9a64dc80800d-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-1702692d-b5e6-4cb6-a9a8-9a64dc80800d-003 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-1702692d-b5e6-4cb6-a9a8-9a64dc80800d-003

Request Chain 45

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fpacketquiver3735&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A716%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A261427820118%3Ahid%3A414844270%3Az%3A0%3Ai%3A20210908164419%3Aet%3A1631119459%3Ac%3A1%3Arn%3A326156675%3Arqn%3A1%3Au%3A1631119459823264757%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631119458371%3Ads%3A19%2C286%2C147%2C2%2C0%2C0%2C%2C181%2C8%2C%2C%2C%2C638%3Adsn%3A20%2C286%2C147%2C2%2C0%2C0%2C%2C182%2C8%2C%2C%2C%2C638%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631119460%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fpacketquiver3735&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A716%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A261427820118%3Ahid%3A414844270%3Az%3A0%3Ai%3A20210908164419%3Aet%3A1631119459%3Ac%3A1%3Arn%3A326156675%3Arqn%3A1%3Au%3A1631119459823264757%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631119458371%3Ads%3A19%2C286%2C147%2C2%2C0%2C0%2C%2C181%2C8%2C%2C%2C%2C638%3Adsn%3A20%2C286%2C147%2C2%2C0%2C0%2C%2C182%2C8%2C%2C%2C%2C638%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631119460%3At%3AAccount%20Suspended%20-%20Ask.fm

Request Chain 52

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4504867596234818164

Request Chain 57

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228

Request Chain 71

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228

Request Chain 88

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=eaf06c6a67fb6d62a44d611a88834de8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l176a_7005604740864613732 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZWFmMDZjNmE2N2ZiNmQ2MmE0NGQ2MTFhODg4MzRkZTg=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHt3SAL5Ypptc6HATFvw6JM&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=dcbe8866-48a2-4d9f-ae06-61b761f7b37c HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7828100818536297263 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/eaf06c6a67fb6d62a44d611a88834de8&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ElGAu59E2oOytBKRUuI.9UWv5lFV.HYykX1RGFn.~A HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b8466138-e866-4400-a6b2-5c0008695c26&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACVik7CcdEAABxCG5zDuw&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4757525346826380865 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D

Request Chain 93

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZWFmMDZjNmE2N2ZiNmQ2MmE0NGQ2MTFhODg4MzRkZTg=&gdpr=0&gdpr_consent=

Request Chain 94

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=eaf06c6a67fb6d62a44d611a88834de8&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 126

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228

127 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 410
Gone Primary Request Cookie set packetquiver3735 Show response
ask.fm/ 13 KB
14 KB 454ms
148ms Document
text/html 193.138.77.143
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/packetquiver3735

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.143 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

602a16342b622ddbb17b9d027d017884c185b2387d5ba8cdc2b4cbbe1e4708a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ask.fm
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Status: 410 Gone
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Wed, 08 Sep 2021 16:44:18 GMT
Set-Cookie: locale=de; path=/; expires=Thu, 08 Sep 2022 22:44:18 -0000 uuid=fa756788-912d-4c87-905a-4178ea59b9ea; path=/; expires=Thu, 08 Sep 2022 22:44:18 -0000; secure; HttpOnly country=DE; path=/; expires=Thu, 08 Sep 2022 22:44:18 -0000 _m_ask_fm_session=NndIZWxod3dWQ21NeEtMdS9EN0VBN3ZjdUdLTTA0VW94RW5lRko5NUF5ZUhQeUtoQUNHYUx1eGI2SWtQRHh3akM5a2lJTWw0RWF0L0RPTXNsaVpqd2x0a1Z2b2Z4czVXcGY4U3ZpczBzMlV2Q2lRNXZXV00yQmVwYmRWY0dua2t5NG8wZCtCQ1NNWnNubmFNNTFoM2NYdVU3eG9kS3Y5dW56VUVwUDhLUGFLK3RHTVdMRk1GWnVhbm5BRmRFRHR0Rkk4WXIzeEtLUElZT2JOOFl3QVdYRHFmdkgzb0ZFU1BCcm9Dd0NpUkNpZ0gwL1lEMmVEdXJzT1lCaCtkVnF1VS0tTUVrZjgxaHdNMVJtWVU2enNJNm91UT09--82a1ba6d27ddf7e5d35f7edb598c4ad6171f8fc7; path=/; expires=Sat, 11 Sep 2021 16:44:18 -0000; secure; HttpOnly
Server: Ask.FM Web Service
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000

GET
H2 200 application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
d3r6ceqp4shltl.cloudfront.net/assets/ 184 KB
39 KB 89ms
21ms Stylesheet
text/css 2600:9000:20e1:6000:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css

Requested by

Host: ask.fm
URL: https://ask.fm/packetquiver3735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e1:6000:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

6bf4d1a5ab84231d4d77a7aa49811be50601ad46f93002a7dfc4b29403980787

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 20:50:12 GMT
content-encoding: gzip
age: 1454046
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 39692
access-control-allow-origin: https://ask.fm
last-modified: Wed, 18 Aug 2021 12:19:47 GMT
server: Ask.FM Web Service
etag: "611cfae3-9b0c"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 fe5921e02dd895b566697a6b586dc47b.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: CDG50-C2
x-amz-cf-id: IPrEZ3xan65Mr5NGCUvDnHJsm26nwRvd_-7IqCMEEOmfi5-XoMMK_Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Show response
d3r6ceqp4shltl.cloudfront.net/assets/ 217 KB
68 KB 90ms
22ms Script
application/javascript 2600:9000:20e1:6000:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js

Requested by

Host: ask.fm
URL: https://ask.fm/packetquiver3735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e1:6000:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 12:07:21 GMT
content-encoding: gzip
age: 1831017
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 69074
access-control-allow-origin: https://ask.fm
last-modified: Wed, 18 Aug 2021 07:22:53 GMT
server: Ask.FM Web Service
etag: "611cb54d-10dd2"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 fe5921e02dd895b566697a6b586dc47b.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: CDG50-C2
x-amz-cf-id: SooDos7694YVlrtBpvL8Lf1XVTlVvFCUDQcrI67lv_G-JWPbMipjUw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK askfm_4249.js Show response
ads.vidoomy.com/ 6 KB
6 KB 505ms
130ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/askfm_4249.js
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 7cb4560c15852d4f239dbe2b2fb095b3e1dcd15086b7a4307d42ae1e6c20c139

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:19 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5794

GET
H2 200 account-suspended.gif
d3r6ceqp4shltl.cloudfront.net/images/errors/ 380 KB
380 KB 26ms
26ms Image
image/gif 2600:9000:20e1:6000:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif

Requested by

Host: ask.fm
URL: https://ask.fm/packetquiver3735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e1:6000:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 13:30:55 GMT
via: 1.1 fe5921e02dd895b566697a6b586dc47b.cloudfront.net (CloudFront)
age: 1826003
x-cache: Hit from cloudfront
content-length: 388641
last-modified: Wed, 18 Aug 2021 12:19:47 GMT
server: Ask.FM Web Service
etag: "611cfae3-5ee21"
strict-transport-security: max-age=63072000
content-type: image/gif
cache-control: max-age=315360000, public
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: CDG50-C2
accept-ranges: bytes
x-amz-cf-id: t43D1jyra6swxsDzEh9Gp4RpP94vKynFLSUJBBOF0iHnqVYgAntaQA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc Show response
colossalcoat.com/ 103 KB
30 KB 74ms
23ms Script
text/javascript 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc

Requested by

Host: ask.fm
URL: https://ask.fm/packetquiver3735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

c4610f8b95bbc72f8f0d5942257044a9858cc319e3fdf62d064c0837bcb5a028

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "26ede718b800f5fb6482348abef3daa54bd4a6484dfd4a9f7577a7a0669bd27a"
vary: Accept-Encoding, Accept-Language
x-hostname: a26589ac
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Wed, 08 Sep 2021 16:44:19 GMT
timing-allow-origin: *

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 224 KB
72 KB 243ms
72ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-encoding: br
last-modified: Wed, 08 Sep 2021 16:07:49 GMT
etag: "61372b26-11d31"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73009
expires: Wed, 08 Sep 2021 17:44:19 GMT

GET
H2 200 836857.jpg
d16vsmxl4d5tw1.cloudfront.net/60d/10179/738e/4d30/987b/4ad524787c9f/thumb/ 2 KB
2 KB 131ms
54ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/60d/10179/738e/4d30/987b/4ad524787c9f/thumb/836857.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd5e541497eb50cb01cb6b72e101dbff2b358cd716c60576547ecea86a5eca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:21:03 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Thu, 10 Jan 2019 13:18:25 GMT
server: AmazonS3
age: 51797
etag: "8f43864b7eae7d65e48327bc2e121db4"
x-cache: Hit from cloudfront
x-amz-version-id: ux3zgq3wc52Dsw449IHzritKrR_54CRw
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 1585
x-amz-cf-id: 3YATLEzfgT0-NB120xLadtPX8EFhWlKENO1TW7z2EACgmV3ZCowJtA==

GET
H2 200 617366.jpg
d16vsmxl4d5tw1.cloudfront.net/d7f/6b26e/1f96/477e/bfdc/8d03a53b4e2f/thumb/ 4 KB
4 KB 144ms
68ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/d7f/6b26e/1f96/477e/bfdc/8d03a53b4e2f/thumb/617366.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96435b65a9bc4acadcab0bf8daf883784bd9ffc382c52fefbbef0d2129913aed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:34:05 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Tue, 22 Jan 2019 13:21:33 GMT
server: AmazonS3
age: 615
etag: "a5af9e4790b80bd7b9eabb452c18a825"
x-cache: Hit from cloudfront
x-amz-version-id: .uyNHJDOhWEjTVPR9sa6ASFPKujPHX6p
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 4182
x-amz-cf-id: vFu6DB1YXhs4DGawO8EqI0MdkzvhHaEl6KpSROclWV6QwEJx6RdJVg==

GET
H2 200 15043.png
d16vsmxl4d5tw1.cloudfront.net/2ba/e0576/6d71/4603/a858/b03092b4ba0c/thumb/ 16 KB
16 KB 110ms
37ms Image
image/png 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/2ba/e0576/6d71/4603/a858/b03092b4ba0c/thumb/15043.png
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4e89d55b3744b0828b311ba8580099a01a6351326b9ab3640afc400e199724a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 09:35:27 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Sun, 23 Sep 2018 22:51:37 GMT
server: AmazonS3
age: 25733
etag: "a6f27dac1eae61f7f1116d69a10e2cda"
x-cache: Hit from cloudfront
x-amz-version-id: AsvAc9SFc6VmHB1x2d3nPFDhD.hHPeaG
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/png
content-length: 16434
x-amz-cf-id: lcKEji2X3Cw-9yhY7afI_iT3BUbqAloCcBYoOiKkZiUES7YK0hIYyA==

GET
H2 200 629511.jpg
d16vsmxl4d5tw1.cloudfront.net/979/5f193/13ef/41c4/a0c4/194fcf7337fd/thumb/ 5 KB
5 KB 140ms
68ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/979/5f193/13ef/41c4/a0c4/194fcf7337fd/thumb/629511.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f0cffc6f8c25f207060acd6dcf2ae6362f1bf950a33ae3020dfe6fcc9facae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:41:07 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Tue, 29 May 2018 02:37:28 GMT
server: AmazonS3
age: 193
etag: "4129ee07536e464555acb6163933e38a"
x-cache: Hit from cloudfront
x-amz-version-id: O49WbX.qp8_0NQa7Qbbd0qW_Jk9lTqcn
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 4938
x-amz-cf-id: mdY-6dWFa7q-1niD5yzK_Wn6tEJBGhcwgH7OFvwMD8zJdxCZ6wmnlg==

GET
H2 200 247012.jpg
d16vsmxl4d5tw1.cloudfront.net/a8c/e4de0/956c/4a41/9bf5/c54c1a2889bc/thumb/ 4 KB
4 KB 111ms
39ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/a8c/e4de0/956c/4a41/9bf5/c54c1a2889bc/thumb/247012.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5a56b177dbde29ba6894fc6c91b6c838108e84cb185da4dbba1de0d130ee41d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:41:07 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Sun, 03 Jun 2018 21:44:35 GMT
server: AmazonS3
age: 193
etag: "895c7439e011970f9a4dcb23df397c23"
x-cache: Hit from cloudfront
x-amz-version-id: XNG_BRinM5WnAwHCZW5tG5mN__7jybTR
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 4178
x-amz-cf-id: 0OSCdQi-2Kp8Ad2NH8BlzT_r9GKM6hiAC_DWqS6anZ55kpiuB0omZA==

GET
H2 200 6336.jpg
d16vsmxl4d5tw1.cloudfront.net/2da/8b85d/4843/49ba/8573/fa72f734a608/thumb/ 2 KB
3 KB 118ms
46ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/2da/8b85d/4843/49ba/8573/fa72f734a608/thumb/6336.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1a1c11bb2dce349412313720814f9eeb59f1954d2c284a32a56e45840e5b1e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 06:28:31 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Thu, 26 Dec 2019 20:36:31 GMT
server: AmazonS3
age: 36949
etag: "f66740a91d3e09b01cd372765e90cc97"
x-cache: Hit from cloudfront
x-amz-version-id: nOrXuCJIqMf2FafdO2dsAbGu1SSYzjfq
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 2195
x-amz-cf-id: n2CVnkfMORxASiQPe2k0xBfGvjv-Ox8uMKEK99fgfrTiUF_tNnCvjg==

GET
H2 200 258945.jpg
d16vsmxl4d5tw1.cloudfront.net/0b9/54af4/dcc9/49bc/b569/5cb0be84b5b7/thumb/ 5 KB
6 KB 79ms
53ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/0b9/54af4/dcc9/49bc/b569/5cb0be84b5b7/thumb/258945.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 859a4ff23ab2346c3e477dd4d3b5d21fe9dde54f05b1412da0c63c04c20923f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:43:33 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Fri, 23 Nov 2018 00:20:11 GMT
server: AmazonS3
age: 47
etag: "2b1e4551e5e91d469d1ab0c3b013ba07"
x-cache: Hit from cloudfront
x-amz-version-id: yJs80YXu_uKwUPSXCOyQ0.jkdSRbwWEq
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 5286
x-amz-cf-id: JWRL5J2RA94YNEDxr5DtivW-L4k4RpHBT4fHmG9Y0tWSRTr23HUO7w==

GET
H2 200 125415.jpg
d16vsmxl4d5tw1.cloudfront.net/6e4/fc7f4/8464/4428/9e48/0e669a268752/thumb/ 3 KB
4 KB 83ms
57ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/6e4/fc7f4/8464/4428/9e48/0e669a268752/thumb/125415.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f2ed977ada559dbdfe490dc7be853ab2affc14996370ce0574f022a5c8dd9a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:54:11 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Mon, 13 Aug 2018 12:40:30 GMT
server: AmazonS3
age: 6609
etag: "b68a272858704137827d6f7e92e1b5f3"
x-cache: Hit from cloudfront
x-amz-version-id: P6WTNY59zmiZWym6SQXYzxF34Fh9yiOI
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 3426
x-amz-cf-id: bR5nFPK-9vF357qyNVjQ_U-TYFWImhzJUV9Vdm8AKHW8DmDdYfdksw==

GET
H2 200 436822.png
d16vsmxl4d5tw1.cloudfront.net/8e8/b483e/b1b4/4fdf/b5c3/25754110fde1/thumb/ 5 KB
5 KB 77ms
51ms Image
image/png 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/8e8/b483e/b1b4/4fdf/b5c3/25754110fde1/thumb/436822.png
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12ebeaec9bf52a5506ff5ebe5f2ac19770ad9ecff7ea0fa7eaa33ab411163137

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:21:02 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Sat, 24 Nov 2018 23:06:32 GMT
server: AmazonS3
age: 51798
etag: "e91f074db6a01d3d57b63dc899d8e66e"
x-cache: Hit from cloudfront
x-amz-version-id: SXZOUE2pI2Us.KC6819RKXAnEPx59FBQ
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/png
content-length: 4935
x-amz-cf-id: LixwKDDR0ezZjLd2tWhHPPfhHUDnGrtExmh2mivYxzVjF6V00qkDIQ==

GET
H2 200 729239.jpg
d16vsmxl4d5tw1.cloudfront.net/ffd/f6b19/4a24/4fea/bf69/e526b35ec6bb/thumb/ 4 KB
4 KB 71ms
45ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/ffd/f6b19/4a24/4fea/bf69/e526b35ec6bb/thumb/729239.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfa27d44851e5946d6d6218886e6d30819cd3c254be4e31294ee7a409efcaa1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:43:33 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 17:29:04 GMT
server: AmazonS3
age: 47
etag: "8c1f548a3f2847dca8be508d0c364544"
x-cache: Hit from cloudfront
x-amz-version-id: 2ESjgBb73_0oEdcj2n5bBpXxXUiF3YJe
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 4071
x-amz-cf-id: JqOYnnLTWIGc-NW8MkcZtqiEISNSxcRkOrYmUt7fpu7jln5koLXvEg==

GET
H2 200 49616.jpg
d16vsmxl4d5tw1.cloudfront.net/261/f167a/72d1/4cc0/b279/f784517e8d9d/thumb/ 3 KB
3 KB 72ms
46ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/261/f167a/72d1/4cc0/b279/f784517e8d9d/thumb/49616.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bab5ebf681692fa03a6189a614e96a6cea674084db4d76421c54db3aa9f1c2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:21:03 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Mon, 02 Sep 2019 17:42:36 GMT
server: AmazonS3
age: 51797
etag: "5c29b9952d67e1201b7d5837ef7159d6"
x-cache: Hit from cloudfront
x-amz-version-id: KpGrr_UweV21i_vRcA09yX16P_Ooc9UW
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 3108
x-amz-cf-id: F16-h4FKHmu0u6enwLZMyjdrpPX1CWxhBCOd6vpB6MWMwZlBDxXMXg==

GET
H2 200 369467.jpg
d16vsmxl4d5tw1.cloudfront.net/5ba/536ef/041a/458a/b0b1/1c006ec6519a/thumb/ 3 KB
4 KB 70ms
44ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/5ba/536ef/041a/458a/b0b1/1c006ec6519a/thumb/369467.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb0e0f07463dba9c92d21ce04b257af21511164f92d50f85f22358a3864858ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:38:16 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Tue, 20 Nov 2018 11:33:00 GMT
server: AmazonS3
age: 3964
etag: "3e8bac55ae70cb17fa454070f55f6a0f"
x-cache: Hit from cloudfront
x-amz-version-id: 5NlaGqloEwbzJQsMg.H1_1nRRtdFMx.K
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 3190
x-amz-cf-id: 3eOTV0JZ-p74e0BtO0i5Z5YfoOsShqVSw1xjiK2hCXj0MjBVQIah0w==

GET
H2 200 33276.jpg
d16vsmxl4d5tw1.cloudfront.net/ead/c9ff4/1ddc/4fd7/ac4a/c967d944a374/thumb/ 3 KB
4 KB 65ms
38ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/ead/c9ff4/1ddc/4fd7/ac4a/c967d944a374/thumb/33276.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b69a83dc0b640a124fc33432c003f2e4ac22d367dbcab0398220019e7ac7ca5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:18:17 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jul 2019 09:19:11 GMT
server: AmazonS3
age: 48363
etag: "c112316a3dae1f6b568d98b7a24823a5"
x-cache: Hit from cloudfront
x-amz-version-id: ekrf4pHap977i_UC7D6I5ZGDGGBhcyo7
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 3262
x-amz-cf-id: o3Uq3IPo0NYAX6fp6M0tmsZaeSB1IIQz0DyAuKI585iS4qc_lu2Naw==

GET
H2 200 97730.jpg
dbq8hrmshvuto.cloudfront.net/06d/b3a16/72a5/468c/b13d/8111f9c8d13c/thumb/ 3 KB
3 KB 460ms
377ms Image
image/jpeg 2600:9000:2117:ee00:c:d85b:b300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbq8hrmshvuto.cloudfront.net/06d/b3a16/72a5/468c/b13d/8111f9c8d13c/thumb/97730.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2117:ee00:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b5ec09d89133ac8a7b95e5e00d570d32fead2791bae14ff525da4ace9d7a9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
via: 1.1 343bfbd831f62ab698056c2ca0efaabd.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jun 2020 06:16:23 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
etag: "1c40cb27f8d4fac3a10e5dce771b616f"
x-cache: Miss from cloudfront
x-amz-version-id: j2CJD6yQJpDFI48vDYK1tDOKBwVqpiPI
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-type: image/jpeg
content-length: 2698
x-amz-cf-id: Nd32R1zv6nm5dN5Vui6C4EjRkinE66SOCvG7-XfT3Xetori-oCgvuA==

GET
H2 200 70245.jpg
d16vsmxl4d5tw1.cloudfront.net/f49/755fe/fbb8/4ce4/8991/ae408d30ef31/thumb/ 6 KB
7 KB 73ms
48ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/f49/755fe/fbb8/4ce4/8991/ae408d30ef31/thumb/70245.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9223221e834e3ff92630329768fe393734aa884fc5c1400ceea60f7d0cefeca5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:35:57 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Thu, 06 Sep 2018 23:34:51 GMT
server: AmazonS3
age: 503
etag: "4e7b57b56bc6528dec0431cb3e048046"
x-cache: Hit from cloudfront
x-amz-version-id: f59mfPIgmEutVziLlwBBpQfYKXokUpxK
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 6642
x-amz-cf-id: oekfLc8EKkhnOCGBmPqXzCZQe8jiDtRAsL_8cmWECsACi_hpkGz-Ew==

GET
H2 200 82181.jpg
d16vsmxl4d5tw1.cloudfront.net/cd5/0509e/823a/4aa7/aa27/9f6ced68cb0d/thumb/ 2 KB
3 KB 72ms
45ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/cd5/0509e/823a/4aa7/aa27/9f6ced68cb0d/thumb/82181.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11207361fdb98331fc89bedaca3943092c73bf3f6fd493fdb5a5bb81ec66ed14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 06:51:31 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Sat, 04 May 2019 21:22:50 GMT
server: AmazonS3
age: 35569
etag: "f2ef2fe5cf2c1e057adf47c8f2ab9323"
x-cache: Hit from cloudfront
x-amz-version-id: BfHl2Tk_94rQ64UMbBh9UgZuD3o8iy2a
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 2396
x-amz-cf-id: vnm435YWrwH5lFfQ0vjrzWGmMFLSQ933EwBnTHKoCR_lc3mInE0dbQ==

GET
H2 200 74498.jpg
d16vsmxl4d5tw1.cloudfront.net/ec5/df0c2/41b6/461e/bd4e/7ad6d487ba77/thumb/ 4 KB
5 KB 74ms
47ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/ec5/df0c2/41b6/461e/bd4e/7ad6d487ba77/thumb/74498.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d82212d39d1b89ae91067e3e3e80c68827d21c2eeb263b05751f547dbd25a950

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:20:48 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Sat, 10 Aug 2019 05:13:02 GMT
server: AmazonS3
age: 51812
etag: "10358aa8f8eb55c3511e3fc99a2c5add"
x-cache: Hit from cloudfront
x-amz-version-id: wqBx9TkPCSX.fC.VV8pR_NiUIqjO1A98
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 4274
x-amz-cf-id: JGV_VGb8j_mIRbN5qZw-OeatHuOm39HSpbvDl8PekMKKavAoOsoveQ==

GET
H2 200 90478.jpg
d16vsmxl4d5tw1.cloudfront.net/fec/b166e/bf74/4a40/9948/e64eac7e6410/thumb/ 5 KB
5 KB 55ms
30ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/fec/b166e/bf74/4a40/9948/e64eac7e6410/thumb/90478.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 168c964442c127d6e41e7756b9861dfd332855eb2c0d010c5a0a6d5a2890d1ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 13:03:11 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Tue, 16 Apr 2019 02:07:50 GMT
server: AmazonS3
age: 13269
etag: "59ec54523830e837b7721d5557974a4c"
x-cache: Hit from cloudfront
x-amz-version-id: 5IMasxSX7zV2XpgKaDLXSKF10Y3WndN1
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 4872
x-amz-cf-id: kN4SnkixyzXScfIWi6wwy65AeuTkWWX0IdfxVr6bBKZvev5gVVM3Sg==

GET
H2 200 130664.jpg
d16vsmxl4d5tw1.cloudfront.net/20d/e4a2c/fc59/4701/865c/50458cb73b8d/thumb/ 3 KB
3 KB 80ms
54ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/20d/e4a2c/fc59/4701/865c/50458cb73b8d/thumb/130664.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e05e863b4966a3f41111e2ccf4d76877b3e03093abadac039ae8f3f0bcc8c71b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:19:28 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jul 2018 00:38:51 GMT
server: AmazonS3
age: 5091
etag: "9dfbf74f5c7429b092a5f807354c7124"
x-cache: Hit from cloudfront
x-amz-version-id: vfIeLmg7STKo08LPAHn_t4N05J5XVFQi
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 3154
x-amz-cf-id: -SBk7EP2zucvw30OQLwzuxioe8Kma_a9PjfEfsCoPWGPhZyae2DGIA==

GET
H2 200 28651.jpg
d16vsmxl4d5tw1.cloudfront.net/4d4/ddd95/fa99/496f/8eb1/e0287f936419/thumb/ 3 KB
3 KB 71ms
44ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/4d4/ddd95/fa99/496f/8eb1/e0287f936419/thumb/28651.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c823abcf5705827215b02b26b20eb77214c9090bd2e39e76ea13551b5dc64862

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 15:57:25 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 23:27:27 GMT
server: AmazonS3
age: 2815
etag: "0737548156ab5398a08351340d55a106"
x-cache: Hit from cloudfront
x-amz-version-id: WeUJw4MdJSaP0A7aY9DSTMXxGPlwCPzt
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 3097
x-amz-cf-id: TFXUfRNKt5zZh9sQBPYHQaQzg9S0PoXQl9MHOU9p1eU0u_FLiSS7PQ==

GET
H2 200 730585.jpg
d16vsmxl4d5tw1.cloudfront.net/63d/1bb4d/aa02/4e61/a3d0/f04d55eb8a44/thumb/ 5 KB
6 KB 77ms
51ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/63d/1bb4d/aa02/4e61/a3d0/f04d55eb8a44/thumb/730585.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d712c6bbf7ad22dd39c8d72c74f8505c6c3472d61570159485f8abc49ce3b82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:28:59 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Sun, 03 Jun 2018 05:10:02 GMT
server: AmazonS3
age: 921
etag: "f42b8428a7b2497a9cc0216ff2f7ebea"
x-cache: Hit from cloudfront
x-amz-version-id: kRzHwDDiYl30rF_AkilZ0aTYyaJsDw1s
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 5584
x-amz-cf-id: JnI7uHJU6PyyxxZw8lp4uVutNarJhSe9avctRcztpx6ETuclDyjFnw==

GET
H2 200 177231.jpg
dbq8hrmshvuto.cloudfront.net/10f/6bbdf/1609/45e0/857c/4e38366bede5/thumb/ 4 KB
5 KB 408ms
370ms Image
image/jpeg 2600:9000:2117:ee00:c:d85b:b300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbq8hrmshvuto.cloudfront.net/10f/6bbdf/1609/45e0/857c/4e38366bede5/thumb/177231.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2117:ee00:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fabc2040b8a703e60517f7d7bf91405c583eeb35695fb596afaa9b0515a9fbd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
via: 1.1 343bfbd831f62ab698056c2ca0efaabd.cloudfront.net (CloudFront)
last-modified: Mon, 28 Sep 2020 03:54:00 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
etag: "654a49930a7bac81dd3c207f9c2c95c1"
x-cache: Miss from cloudfront
x-amz-version-id: 7p8o6JGAdQqQxquoYMi0UYhMZaJ6s3P2
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-type: image/jpeg
content-length: 4450
x-amz-cf-id: H_d_tsX5c529pFyAxPUAK6eYuMtF-Zw63wuJUkP6W2abIYrY5dPvgg==

GET
H2 200 190390.jpg
d16vsmxl4d5tw1.cloudfront.net/010/eebab/82f4/4919/a03d/20e1412775ec/thumb/ 3 KB
3 KB 65ms
38ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/010/eebab/82f4/4919/a03d/20e1412775ec/thumb/190390.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98afa8b224957cd05b6b4f4e0bd6637c6929a682137e78595bbcbd0f3f07334b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 08:16:03 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 13:25:17 GMT
server: AmazonS3
age: 30497
etag: "aaf1ee0553cd1a294e9b7cfb8a34fc3f"
x-cache: Hit from cloudfront
x-amz-version-id: WdekLgqaEJy5tnJSVZVRNZ0cnx10lvv2
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 3051
x-amz-cf-id: 2oRAyBqXe7TDd6__pVZuwuHPAdPT5-Wk9rdwWiaRuYfIH1_t87o0ew==

GET
H2 200 491640.jpg
d16vsmxl4d5tw1.cloudfront.net/f78/b6726/c90e/4c9e/9a16/493bbd1c7cfc/thumb/ 2 KB
2 KB 49ms
22ms Image
image/jpeg 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/f78/b6726/c90e/4c9e/9a16/493bbd1c7cfc/thumb/491640.jpg
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8850cefb4de41ccc6605f1dfb4a878ea180b2c1b7caf09fe406e4f9e16ff126

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:45:01 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Tue, 22 May 2018 08:18:35 GMT
server: AmazonS3
age: 7159
etag: "d39fc121d1a15af7da21a5252b1a4aaf"
x-cache: Hit from cloudfront
x-amz-version-id: WkVuSzNCbZxAZoK2KpIg0f9OxpIRSvFw
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/jpeg
content-length: 1632
x-amz-cf-id: rSowFsA5kQMqvE55ZVo7JtA76nu-qYTq3uxPWwAaZujZJXqIzvpgmw==

GET
H2 200 640338.png
d16vsmxl4d5tw1.cloudfront.net/ab6/f98e2/5e73/400f/95de/9f15ed19731c/thumb/ 7 KB
7 KB 74ms
49ms Image
image/png 2600:9000:218d:9600:13:811c:e440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16vsmxl4d5tw1.cloudfront.net/ab6/f98e2/5e73/400f/95de/9f15ed19731c/thumb/640338.png
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:9600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 314f77ceb6eeb867506034066927d975a3619c9decd8a952150949f822e1d6ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:31:23 GMT
via: 1.1 7e6657395b3575281556302c38800696.cloudfront.net (CloudFront)
last-modified: Tue, 29 May 2018 16:52:17 GMT
server: AmazonS3
age: 777
etag: "8f9c1b509ab5fafc1414256c22a314a0"
x-cache: Hit from cloudfront
x-amz-version-id: ZIZZ3EhCbdxqhI5.SHrLdwmUhhWBdQkg
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-type: image/png
content-length: 6809
x-amz-cf-id: aL2zjYIK3e5CD97Z1OFixZTyq_oxyfw3TJNxYAO05tY4FxMMCNS09Q==

GET
H2 200 fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 17 KB
18 KB 76ms
24ms Font
application/font-woff2 2600:9000:20e1:6000:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e1:6000:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Origin: https://ask.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 00:47:46 GMT
via: 1.1 97b63effdcb60825f821df922441529d.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 5154993
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 17880
last-modified: Thu, 29 Apr 2021 05:41:49 GMT
server: Ask.FM Web Service
etag: "608a471d-45d8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: CDG50-C2
accept-ranges: bytes
x-amz-cf-id: z3A5Po20YZwCyEG4otxnvSNoxQIfLVpEo8_S_3yFTWjq1C2kPsbDxQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 25 KB
25 KB 75ms
23ms Font
application/font-woff2 2600:9000:20e1:6000:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e1:6000:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Origin: https://ask.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 23:07:48 GMT
via: 1.1 97b63effdcb60825f821df922441529d.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 3605791
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 25400
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-6338"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: CDG50-C2
accept-ranges: bytes
x-amz-cf-id: iCfhZ9dFeZ6Lf97WDg4pdKhjtFETlWn0zf6-fnfQov-xjHoWS063vg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 51 KB
52 KB 74ms
22ms Font
application/font-woff2 2600:9000:20e1:6000:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e1:6000:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Origin: https://ask.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:02:51 GMT
via: 1.1 97b63effdcb60825f821df922441529d.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 3602488
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 52204
last-modified: Wed, 02 Aug 2017 08:00:22 GMT
server: Ask.FM Web Service
etag: "59818696-cbec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: CDG50-C2
accept-ranges: bytes
x-amz-cf-id: RWU-1qWrLY4AyaccwRHogAMNYzlBqNTrQIAcIo_eCem7Q0yCf52SMA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET skeleton.gif
static.adsafeprotected.com/ 0
0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9390.1s0YygAnHi8RJJ4E-otq8NzVb1JIlybojnbugaIkG8z-JPbaXU9AYWO1lJKHR7jE.694DgNPTnGN5BFZYUDb918cs_O0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9390.UmFEsYcfc1Lly2Eezj2brT_Xy2SihhgFJSw1q-AntqxqU9gyERPYuT8U_sWOYUE1etHpODtnpV-athRacNbelA%2C%2C.9NqYKeS-SABTSn-A4IwQV5nseZM%2C

75 B
75 B

73ms
73ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9390.UmFEsYcfc1Lly2Eezj2brT_Xy2SihhgFJSw1q-AntqxqU9gyERPYuT8U_sWOYUE1etHpODtnpV-athRacNbelA%2C%2C.9NqYKeS-SABTSn-A4IwQV5nseZM%2C

Requested by

Host: ask.fm
URL: https://ask.fm/packetquiver3735

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9390.UmFEsYcfc1Lly2Eezj2brT_Xy2SihhgFJSw1q-AntqxqU9gyERPYuT8U_sWOYUE1etHpODtnpV-athRacNbelA%2C%2C.9NqYKeS-SABTSn-A4IwQV5nseZM%2C
date: Wed, 08 Sep 2021 16:44:19 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 91ms
73ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ask.fm
URL: https://ask.fm/packetquiver3735

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
last-modified: Wed, 08 Sep 2021 16:07:49 GMT
etag: "61372b26-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 08 Sep 2021 17:44:19 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame CA2F 118 KB
35 KB 184ms
9ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1631119459.cds127.fr8.hn,1631119459.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 6C52 118 KB
35 KB 183ms
19ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1631119459.cds127.fr8.hn,1631119459.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame CEB6
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
290 B

60ms
9ms

Document
image/gif

3.68.1.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.1.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method: GET
:authority: a.vidoomy.com
:scheme: https
:path: /api/rtbserver/cookie?i=CEN&uid=no-consent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-type: image/gif
content-length: 43
content-encoding: none
set-cookie: vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzMzcxMTQ1OX19fQ==; Path=/; Domain=vidoomy.com; Expires=Thu, 08 Sep 2022 16:44:19 GMT; Secure; SameSite=None
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Wed, 08 Sep 2021 16:44:19 GMT
server: AC1.1

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=276933411.075723351622228104.776959
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=276933411.075723351622228104.776959
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=ee67bb15-b8d0-459a-a757-a77bc471dbf9&google_hm=ZWU2N2JiMTUtYjhkMC00NTlhLWE3NTctYTc3YmM0NzFkYmY5
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=ee67bb15-b8d0-459a-a757-a77bc471dbf9&google_hm=ZWU2N2JiMTUtYjhkMC00NTlhLWE3NTctYTc3YmM0NzFkYm...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIe84pMTQh3C5YKkaeDcH74&google_cver=1&ssp=vidoomy&bsw_param=ee67bb15-b8d0-459a-a757-a77bc471dbf9
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ee67bb15-b8d0-459a-a757-a77bc471dbf9

43 B
368 B

9ms
9ms

Image
image/gif

3.68.1.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ee67bb15-b8d0-459a-a757-a77bc471dbf9
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.1.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ee67bb15-b8d0-459a-a757-a77bc471dbf9
date: Wed, 08 Sep 2021 16:44:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8660872260
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8660872260
https://sync.1rx.io/usersync/tradedesk/dcbe8866-48a2-4d9f-ae06-61b761f7b37c
https://sync.targeting.unrulymedia.com/csync/RX-1702692d-b5e6-4cb6-a9a8-9a64dc80800d-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-1702692d-b5e6-4cb6-a9a8-9a6...
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-1702692d-b5e6-4cb6-a9a8-9a64dc80800d-003

43 B
457 B

9ms
9ms

Image
image/gif

3.68.1.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-1702692d-b5e6-4cb6-a9a8-9a64dc80800d-003
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.1.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-1702692d-b5e6-4cb6-a9a8-9a64dc80800d-003
date: Wed, 08 Sep 2021 16:44:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1702692db5e64cb6a9a89a64dc80800d003
content-type: text/html

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
599 B 188ms
30ms Image
image/gif 104.80.21.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.80.21.36 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-21-36.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:19 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1631119459551053-504
Expires: Wed, 08 Sep 2021 16:44:19 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame C082 4 KB
2 KB 12ms
12ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1631119459.cds127.fr8.hn,1631119459.cds226.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame CA2F 2 KB
2 KB 318ms
101ms XHR
application/xml 146.20.128.55
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=975985&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.55 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: f6a71b07ddc56e59cea097f580ffad3ebd5301bb04529e54033fff242a2ea200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://ask.fm
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1357

GET
H2

200

1 Show response
mc.yandex.com/watch/48953915/
Redirect Chain

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fpacketquiver3735&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A716%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fpacketquiver3735&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A716%3Afu%3A0%3Aen%3Aut...

383 B
465 B

71ms
71ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fpacketquiver3735&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A716%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A261427820118%3Ahid%3A414844270%3Az%3A0%3Ai%3A20210908164419%3Aet%3A1631119459%3Ac%3A1%3Arn%3A326156675%3Arqn%3A1%3Au%3A1631119459823264757%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631119458371%3Ads%3A19%2C286%2C147%2C2%2C0%2C0%2C%2C181%2C8%2C%2C%2C%2C638%3Adsn%3A20%2C286%2C147%2C2%2C0%2C0%2C%2C182%2C8%2C%2C%2C%2C638%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631119460%3At%3AAccount%20Suspended%20-%20Ask.fm

Requested by

Host: ask.fm
URL: https://ask.fm/packetquiver3735

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

dc5399bd200c7c3fa47e73f43bd1b16d19888200e3a4a863a1c703e5e3272bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 16:44:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 08-Sep-2021 16:44:19 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Wed, 08-Sep-2021 16:44:19 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 16:44:19 GMT
last-modified: Wed, 08-Sep-2021 16:44:19 GMT
location: /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fpacketquiver3735&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A716%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A261427820118%3Ahid%3A414844270%3Az%3A0%3Ai%3A20210908164419%3Aet%3A1631119459%3Ac%3A1%3Arn%3A326156675%3Arqn%3A1%3Au%3A1631119459823264757%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631119458371%3Ads%3A19%2C286%2C147%2C2%2C0%2C0%2C%2C181%2C8%2C%2C%2C%2C638%3Adsn%3A20%2C286%2C147%2C2%2C0%2C0%2C%2C182%2C8%2C%2C%2C%2C638%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631119460%3At%3AAccount%20Suspended%20-%20Ask.fm
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 08-Sep-2021 16:44:19 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame DEC6 4 KB
2 KB 11ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1631119459.cds127.fr8.hn,1631119459.cds226.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 6C52 180 B
349 B 299ms
101ms XHR
application/xml 146.20.128.55
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1148643&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=5883180&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.55 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:19 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://ask.fm
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 200 cs
cs.lkqd.net/ Frame C082 43 B
309 B 304ms
94ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C082 43 B
308 B 307ms
98ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C082 43 B
308 B 305ms
97ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame C082 43 B
308 B 306ms
98ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame C082
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4504867596234818164

43 B
308 B

239ms
96ms

Image
image/gif

146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4504867596234818164
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4504867596234818164
pragma: no-cache
date: Wed, 08 Sep 2021 16:44:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 cs
cs.lkqd.net/ Frame DEC6 43 B
308 B 305ms
98ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame DEC6 43 B
308 B 302ms
96ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame DEC6 43 B
308 B 303ms
97ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame DEC6 43 B
308 B 300ms
94ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame DEC6
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228

43 B
308 B

236ms
95ms

Image
image/gif

146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228
pragma: no-cache
date: Wed, 08 Sep 2021 16:44:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST t
t.lkqd.net/ Frame BA62 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 324ms
94ms Preflight
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Sep 2021 16:44:20 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://ask.fm

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 313ms
93ms Preflight
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Sep 2021 16:44:20 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://ask.fm

POST
H2 200 t Show response
t.lkqd.net/ Frame 119C 0
159 B 289ms
95ms XHR
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ask.fm
date: Wed, 08 Sep 2021 16:44:20 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame B5FB 230 KB
61 KB 13ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1631119460.cds127.fr8.hn,1631119460.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 7DD7 4 KB
2 KB 12ms
12ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1631119460.cds127.fr8.hn,1631119460.cds226.fr8.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 294ms
93ms Preflight 146.20.128.55
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=975985&m=&rtv=1&thost=ask.fm
Protocol: H2
Server: 146.20.128.55 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Sep 2021 16:44:20 GMT
content-length: 0
access-control-allow-origin: https://ask.fm
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame B5FB 66 KB
5 KB 213ms
212ms XHR
application/json 146.20.128.55
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=975985&m=&rtv=1&thost=ask.fm
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.55 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 4569d6bf2a0e32a079b444e4f60b1ff8d6680efbdbb5965568d508c4b329e42c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://ask.fm
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5384

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cs
cs.lkqd.net/ Frame 7DD7 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 7DD7 43 B
308 B 91ms
91ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 7DD7 43 B
308 B 91ms
91ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 7DD7 43 B
308 B 91ms
91ms Image
image/gif 146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 7DD7
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228

43 B
308 B

90ms
90ms

Image
image/gif

146.20.128.140
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.140 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228
pragma: no-cache
date: Wed, 08 Sep 2021 16:44:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame CEBF 0
158 B 224ms
97ms XHR
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ask.fm
date: Wed, 08 Sep 2021 16:44:20 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 93ms
93ms Preflight
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Sep 2021 16:44:20 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://ask.fm

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
642 B 152ms
87ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Fpacketquiver3735

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
643 B 118ms
57ms XHR
text/xml 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Fpacketquiver3735&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:20 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
536 B 467ms
424ms XHR
text/xml 18.159.240.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1352513725&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-240-81.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
536 B 257ms
215ms XHR
text/xml 18.159.240.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=118814726&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-240-81.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
729 B 130ms
130ms XHR
application/xml 104.80.21.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17129592991319625331663320989,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.80.21.36 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-21-36.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:20 GMT
Server: nginx
x-sticky-vk: 1631119460519092-589
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
nnCoection: close
Expires: Wed, 08 Sep 2021 16:44:20 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 56ms
26ms XHR
application/xml 104.80.21.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20564369471712959299131962533,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.80.21.36 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-21-36.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d9de38a7765aef878874c510291d2eb88f78b505f7a4465dbed6f07c405b3424

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:20 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1158
x-sticky-vk: 1631119460609067-558
Expires: Wed, 08 Sep 2021 16:44:20 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 65ms
35ms XHR
application/xml 104.80.21.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1712959299131962533293054462%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.80.21.36 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-21-36.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: babd04bca5bced2419243cb468ffbe7b40475f02ec42ef73df1c526144054342

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:20 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1631119460574063-510
Expires: Wed, 08 Sep 2021 16:44:20 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 58ms
27ms XHR
application/xml 104.80.21.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17129592991319625331222058308%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.80.21.36 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-21-36.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9f583ece4a103a6a2a6d8fe1ceb6005762b68f3c7739234bbac4a2f7fc04c0c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:20 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1192
x-sticky-vk: 1631119460577069-522
Expires: Wed, 08 Sep 2021 16:44:20 GMT

GET skeleton.js
static.adsafeprotected.com/ 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
94ms Preflight
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Sep 2021 16:44:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://ask.fm

POST
H2 200 t Show response
t.lkqd.net/ Frame CEBF 0
158 B 153ms
153ms XHR
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ask.fm
date: Wed, 08 Sep 2021 16:44:21 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 37A5 330 KB
112 KB 91ms
17ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 16:44:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1631119461.dop010.ml1.t,1631119461.cds025.ml1.shn,1631119461.cds025.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 37A5 25 KB
25 KB 79ms
19ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1631119461308
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 16:44:21 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1631119461.dop021.ml1.t,1631119461.cds025.ml1.shn,1631119461.cds025.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

wGbQAlJJ
sync-tm.everesttech.net/upi/pid/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=eaf06c6a67fb6d62a44d611a88834de8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l176a_7005604740864613732
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZWFmMDZjNmE2N2ZiNmQ2MmE0NGQ2MTFhODg4MzRkZTg=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHt3SAL5Ypptc6HATFvw6JM&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=dcbe8866-48a2-4d9f-ae06-61b761f7b37c
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7828100818536297263
https://pr-bh.ybp.yahoo.com/sync/stickyads/eaf06c6a67fb6d62a44d611a88834de8&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ElGAu59E2oOytBKRUuI.9UWv5lFV.HYykX1RGFn.~A
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b8466138-e866-4400-a6b2-5c0008695c26&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACVik7CcdEAABxCG5zDuw&gdpr=0
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4757525346826380865
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 37A5 301 B
846 B 36ms
35ms XHR
text/xml 104.80.21.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fask.fm%2Fpacketquiver3735
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.80.21.36 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-21-36.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:21 GMT
Server: nginx
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1631119461282035-572
Expires: Wed, 08 Sep 2021 16:44:21 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 37A5 67 B
710 B 138ms
137ms XHR
application/xml 104.80.21.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C54345%2C1%2C20564369471712959299131962533%2C%2C&vav=25f5ea84bb93f865c1301c488a1d540e&vaviv=6749c461eb5f11cad4160c50903dadf1&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fask.fm%2Fpacketquiver3735&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.80.21.36 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-21-36.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:21 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1631119461195082-544
Expires: Wed, 08 Sep 2021 16:44:21 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame CEBF 0
158 B 95ms
95ms XHR
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ask.fm
date: Wed, 08 Sep 2021 16:44:21 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Sep 2021 16:44:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://ask.fm

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZWFmMDZjNmE2N2ZiNmQ2MmE0NGQ2MTFhODg4MzRkZTg=&gdpr=0&gdpr_consent=

170 B
188 B

29ms
29ms

Image
image/png

216.58.214.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZWFmMDZjNmE2N2ZiNmQ2MmE0NGQ2MTFhODg4MzRkZTg=&gdpr=0&gdpr_consent=

Requested by

Host: ask.fm
URL: https://ask.fm/packetquiver3735

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.214.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

par10s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 16:44:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:21 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZWFmMDZjNmE2N2ZiNmQ2MmE0NGQ2MTFhODg4MzRkZTg=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1631119461392004-515
Expires: Wed, 08 Sep 2021 16:44:21 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=eaf06c6a67fb6d62a44d611a88834de8&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

325ms
103ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=eaf06c6a67fb6d62a44d611a88834de8&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: ask.fm
URL: https://ask.fm/packetquiver3735

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:21 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SN18J985FNYG4BHVYDYS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:21 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=eaf06c6a67fb6d62a44d611a88834de8&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1631119461303040-595
Expires: Wed, 08 Sep 2021 16:44:21 GMT

GET
DATA 200
OK truncated
/ Frame B5FB 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_44854a27.js Show response
vpaid.springserve.com/production/ Frame 3E75 487 KB
87 KB 135ms
27ms Script
application/javascript 2600:9000:219c:aa00:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:aa00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 15:01:09 GMT
content-encoding: br
last-modified: Wed, 25 Aug 2021 15:00:31 GMT
server: AmazonS3
age: 1215793
etag: W/"d48d9d8b9aa42be3c59a03030903498a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9f63706579db7391acaa39a0dddcff5e.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: l2OVOXAaQuWs615j8Xzb1xqjygVL7fiqvlp-xKU8viVzGlrLSPG-HQ==

POST
H2 200 t Show response
t.lkqd.net/ Frame CEBF 0
158 B 95ms
94ms XHR
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ask.fm
date: Wed, 08 Sep 2021 16:44:21 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
94ms Preflight
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Sep 2021 16:44:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://ask.fm

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 3E75 966 B
845 B 114ms
43ms XHR
application/xml 23.217.9.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&schain=1.0,1!vidoomy.com,54345,1,1631119460582,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.217.9.140 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-9-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fa320bf53da2e1f2255bbb95a8389bd3f34789db1a05ea83a2bf363010b1fd81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 16:44:21 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5b82218517c94"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://ask.fm
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 593
expires: Wed, 08 Sep 2021 16:44:21 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 3E75 0
207 B 221ms
221ms XHR
application/json 18.159.240.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-240-81.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ask.fm
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3E75 166 B
1 KB 147ms
108ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8a8722d7448cc1bfe6f1cec3b7f17c9b1990605273cb6cb7f6d4e0906f8319b2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:21 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ba8d5093-c73d-4f66-9e90-c9b1def9cf6d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3E75 166 B
1 KB 96ms
58ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

10c05067921c5f5a9dfd5a63a6b354992ee20c4d11ab6ca8cc9f1855dbf44498

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:21 GMT
X-Proxy-Origin: 185.232.23.184; 185.232.23.184; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f6ad5459-6047-441a-9f23-459a18993476
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame C2FB 152 KB
36 KB 32ms
32ms Script
text/javascript 23.217.9.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&schain=1.0,1!vidoomy.com,54345,1,1631119460582,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.217.9.140 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-9-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:21 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 04E6 38 KB
14 KB 46ms
25ms Document
text/html 23.217.9.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&schain=1.0,1!vidoomy.com,54345,1,1631119460582,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.217.9.140 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-9-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=79119
expires: Thu, 09 Sep 2021 14:43:01 GMT
date: Wed, 08 Sep 2021 16:44:22 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C2FB 38 KB
14 KB 50ms
28ms Script
text/html 23.217.9.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&schain=1.0,1!vidoomy.com,54345,1,1631119460582,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.217.9.140 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-9-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:07:52 GMT
server: Apache/2.2.15 (CentOS)
etag: "13006b6-974e-5c4c7cb53d8cb"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=79119
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13946
expires: Thu, 09 Sep 2021 14:43:01 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 203ms
202ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=414844270&page-url=https%3A%2F%2Fask.fm%2Fpacketquiver3735&rn=414022141&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631119462%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A20210908164422%3Au%3A1631119459823264757%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631119462

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 16:44:22 GMT
last-modified: Wed, 08-Sep-2021 16:44:22 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 08-Sep-2021 16:44:22 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
73 B 202ms
201ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=414844270&page-url=https%3A%2F%2Fask.fm%2Fpacketquiver3735&rn=683794059&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1631119462%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A20210908164422%3Au%3A1631119459823264757%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631119462

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 16:44:22 GMT
last-modified: Wed, 08-Sep-2021 16:44:22 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 08-Sep-2021 16:44:22 GMT

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 04E6 0
0

GET
H2 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 27B1 6 KB
3 KB 100ms
24ms Document
text/html 2a00:1450:4007:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 01 Sep 2021 18:26:27 GMT
expires: Thu, 01 Sep 2022 18:26:27 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 598675
cache-control: public, immutable, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 ADTECH;v=2;cmd=bid;cors=yes
adserver.adtech.advertising.com/pubapi/3.0/1/654584.54/0/0/ 0
0 591ms
134ms Fetch 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/1/654584.54/0/0/ADTECH;v=2;cmd=bid;cors=yes
Requested by: Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:22 GMT
server: awselb/2.0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame C2FB 27 B
0 98ms
40ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&schain=1.0,1!vidoomy.com,54345,1,1631119460582,,&us_privacy=&cb=1631119461998&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fpacketquiver3735&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fpacketquiver3735&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-8%2016:44:22&ranreq=0.6485281065560558&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&schain=1.0,1!vidoomy.com,54345,1,1631119460582,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:22 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://ask.fm
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 3E75 67 B
710 B 136ms
135ms XHR
application/xml 104.80.21.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fask.fm%2Fpacketquiver3735&_fw_gdpr=&_fw_gdpr_consent=&cb=1631119460582&width=400&height=225&dnt=&ip=146.20.128.39&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&schain=1.0,1!vidoomy.com,54345,1,1631119460582,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.80.21.36 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-21-36.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 16:44:22 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1631119462520050-593
Expires: Wed, 08 Sep 2021 16:44:22 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 3E75 0
61 B 70ms
16ms Image
text/html 104.80.22.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1631119461&wa=0&e=96&ier=901
Requested by: Host: ask.fm
URL: https://ask.fm/packetquiver3735
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.80.22.145 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-80-22-145.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:22 GMT
content-length: 0
content-type: text/html

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 3E75 0
111 B 364ms
113ms XHR
text/plain 3.140.219.195

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=fc263ee5&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.219.195 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ask.fm
date: Wed, 08 Sep 2021 16:44:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame CEBF 0
158 B 95ms
95ms XHR
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ask.fm
date: Wed, 08 Sep 2021 16:44:23 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 93ms
92ms Preflight
text/plain 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Sep 2021 16:44:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://ask.fm

GET
H2 200 ad Show response
v.lkqd.net/ Frame CA2F 2 KB
2 KB 95ms
94ms XHR
application/xml 146.20.128.55
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=23241616&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.55 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2eff85d284b6f90e68ba471cc5e778859bc619c700435e236815814bd67b8113

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:23 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://ask.fm
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1357

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 9F34 230 KB
61 KB 12ms
12ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 16:44:23 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1631119463.cds127.fr8.hn,1631119463.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html
ad.lkqd.net/cookie-sync/ Frame 5719 4 KB
2 KB 9ms
9ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 08 Sep 2021 16:44:23 GMT
content-encoding: gzip
content-length: 1868
content-type: text/html
last-modified: Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges: bytes
etag: "81f08e6987a7c8675462207e3514d72e"
cache-control: public, max-age=1209600
x-hw: 1631119463.cds127.fr8.hn,1631119463.cds226.fr8.c
access-control-allow-origin: *

POST ad
v.lkqd.net/ Frame 9F34 0
0

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 102ms
102ms Preflight 146.20.128.55
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=23241616&m=&rtv=1&thost=ask.fm
Protocol: H2
Server: 146.20.128.55 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Sep 2021 16:44:23 GMT
content-length: 0
access-control-allow-origin: https://ask.fm
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame 5719 0
0

GET

cs
cs.lkqd.net/ Frame 5719
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228

0
0

POST t
t.lkqd.net/ Frame 06A5 0
0

OPTIONS t
t.lkqd.net/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/skeleton.gif

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/skeleton.js

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13873111&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fpacketquiver3735&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=23241616&m=&rtv=1&thost=ask.fm

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4432810002196890228

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ask.fm/	1970-01-20 05:51:17	Name: locale Value: de
ask.fm/	1970-01-20 05:51:17	Name: uuid Value: fa756788-912d-4c87-905a-4178ea59b9ea
ask.fm/	1970-01-20 05:51:17	Name: country Value: DE
ask.fm/	1970-01-19 21:09:38	Name: _m_ask_fm_session Value: NndIZWxod3dWQ21NeEtMdS9EN0VBN3ZjdUdLTTA0VW94RW5lRko5NUF5ZUhQeUtoQUNHYUx1eGI2SWtQRHh3akM5a2lJTWw0RWF0L0RPTXNsaVpqd2x0a1Z2b2Z4czVXcGY4U3ZpczBzMlV2Q2lRNXZXV00yQmVwYmRWY0dua2t5NG8wZCtCQ1NNWnNubmFNNTFoM2NYdVU3eG9kS3Y5dW56VUVwUDhLUGFLK3RHTVdMRk1GWnVhbm5BRmRFRHR0Rkk4WXIzeEtLUElZT2JOOFl3QVdYRHFmdkgzb0ZFU1BCcm9Dd0NpUkNpZ0gwL1lEMmVEdXJzT1lCaCtkVnF1VS0tTUVrZjgxaHdNMVJtWVU2enNJNm91UT09--82a1ba6d27ddf7e5d35f7edb598c4ad6171f8fc7
.ask.fm/	1970-01-20 05:50:55	Name: _ym_uid Value: 1631119459823264757
.ask.fm/	1970-01-20 05:50:55	Name: _ym_d Value: 1631119459
.mc.yandex.com/	1970-01-19 21:05:20	Name: sync_cookie_csrf Value: 977179462fake
.ask.fm/	1970-01-19 21:06:31	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 21:05:20	Name: sync_cookie_csrf Value: 3444264107fake
.bidswitch.net/	1970-01-20 05:50:55	Name: tuuid Value: ee67bb15-b8d0-459a-a757-a77bc471dbf9
.bidswitch.net/	1970-01-20 05:50:55	Name: c Value: 1631119459
.bidswitch.net/	1970-01-20 05:50:55	Name: tuuid_lu Value: 1631119459
ads.stickyadstv.com/	1970-01-19 21:48:31	Name: UID Value: eaf06c6a67fb6d62a44d611a88834de8
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 54cc3dd793ecbe577e15ab42fec717
.yandex.com/	1970-01-20 05:50:55	Name: yandexuid Value: 2765092681631119459
.yandex.com/	1970-01-20 05:50:55	Name: yuidss Value: 2765092681631119459
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 59727021631119459
.yandex.com/	1970-01-23 12:41:19	Name: i Value: dwnHPIuPMLS321G9MJyCJa3bIamUV2KT1qg2jIsqj9eXANVUB52FQbEAjetRJWXezFjLaGnwvtdQ6p8f6GEZPyHEWRs=
.yandex.com/	1970-01-20 05:50:55	Name: ymex Value: 1662655459.yrts.1631119459#1662655459.yrtsi.1631119459
.adsrvr.org/	1970-01-20 05:50:55	Name: TDID Value: dcbe8866-48a2-4d9f-ae06-61b761f7b37c
.turn.com/	1970-01-20 01:24:31	Name: uid Value: 4432810002196890228
.doubleclick.net/	1970-01-20 06:26:55	Name: IDE Value: AHWqTUnjm4j0W_xgV-KhfMvtY0cHOlahj3-vbM2wDoQIi1D3E_occ7wjy74wAvtxtAM
.1rx.io/	1970-01-20 05:50:55	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1702692d-b5e6-4cb6-a9a8-9a64dc80800d-003%22%7D
.ask.fm/	1970-01-19 21:05:21	Name: _ym_visorc Value: w
.targeting.unrulymedia.com/	1970-01-20 05:50:55	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1702692d-b5e6-4cb6-a9a8-9a64dc80800d-003%22%7D
.vidoomy.com/	1970-01-20 05:50:55	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImVlNjdiYjE1LWI4ZDAtNDU5YS1hNzU3LWE3N2JjNDcxZGJmOSIsImV4cGlyZXMiOjE2MzM3MTE0NTl9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2MzM3MTE0NTl9LCJVTiI6eyJ1aWQiOiJSWC0xNzAyNjkyZC1iNWU2LTRjYjYtYTlhOC05YTY0ZGM4MDgwMGQtMDAzIiwiZXhwaXJlcyI6MTYzMzcxMTQ1OX19fQ==
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 7169
ask.fm/	1970-01-19 21:05:20	Name: freewheel-detected-bandwidth Value: 266
ads.stickyadstv.com/	1970-01-19 21:25:29	Name: uid-bp-30833 Value: 1
.fwmrm.net/	1970-01-20 01:24:31	Name: _uid Value: "l176a_7005604740864613732"
ads.stickyadstv.com/	1970-01-19 22:31:43	Name: uid-bp-36033 Value: l176a_7005604740864613732
ads.stickyadstv.com/	1970-01-19 22:31:43	Name: MRM_UID Value: l176a_7005604740864613732
ads.stickyadstv.com/	1970-01-19 22:31:43	Name: uid-bp-159 Value: CAESEHt3SAL5Ypptc6HATFvw6JM
.adsrvr.org/	1970-01-20 05:50:55	Name: TDCPM Value: CAEYASABKAIyCwi6y9281Lz5ORAFOAFaCXN0aWNreWFkc2AC
ads.stickyadstv.com/	1970-01-19 22:31:43	Name: uid-bp-892 Value: dcbe8866-48a2-4d9f-ae06-61b761f7b37c
ads.stickyadstv.com/	1970-01-19 22:31:43	Name: uid-bp-951 Value: 7828100818536297263
.adnxs.com/	1970-01-19 23:14:55	Name: icu Value: ChgI1dN1EAoYASABKAEw5dDjiQY4AUABSAEQ5dDjiQYYAA..
.adnxs.com/	1970-01-19 23:14:55	Name: uuid2 Value: 5025629203162603961
.yahoo.com/	1970-01-20 05:51:17	Name: A3 Value: d=AQABBGboOGECEAJIusYfoPN2Pw8Kxoshk70&S=AQAAAjnmV-httVY64tWH8kdwDqI
ads.stickyadstv.com/	1970-01-19 21:48:31	Name: uid-bp-717 Value: y-ElGAu59E2oOytBKRUuI.9UWv5lFV.HYykX1RGFn.~A
.mathtag.com/	1970-01-20 06:31:14	Name: uuid Value: b8466138-e866-4400-a6b2-5c0008695c26
ads.stickyadstv.com/	1970-01-19 22:31:43	Name: uid-bp-529 Value: b8466138-e866-4400-a6b2-5c0008695c26
.bidr.io/	1970-01-20 06:33:53	Name: bito Value: AACVik7CcdEAABxCG5zDuw
.bidr.io/	1970-01-20 06:33:53	Name: bitoIsSecure Value: ok
ads.stickyadstv.com/	1970-01-19 21:48:31	Name: uid-bp-26913 Value: AACVik7CcdEAABxCG5zDuw
.pubmatic.com/	1970-01-19 23:14:55	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:14:55	Name: pp Value: 156498
.pubmatic.com/	1970-01-19 21:06:45	Name: PMDTSHR Value: cat:
.adform.net/	1970-01-19 21:48:31	Name: C Value: 1
.adform.net/	1970-01-19 22:31:43	Name: uid Value: 4757525346826380865
ads.stickyadstv.com/	1970-01-19 22:31:43	Name: uid-bp-617 Value: 4757525346826380865
.everesttech.net/	1970-01-20 05:50:55	Name: everest_g_v2 Value: g_surferid~YTjoZgAEY3sL_QAC

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ask.fm/packetquiver3735 Message: Failed to load resource: the server responded with a status of 410 (Gone)
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9390.UmFEsYcfc1Lly2Eezj2brT_Xy2SihhgFJSw1q-AntqxqU9gyERPYuT8U_sWOYUE1etHpODtnpV-athRacNbelA%2C%2C.9NqYKeS-SABTSn-A4IwQV5nseZM%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vidoomy.com
ad.lkqd.net
ad.turn.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adserver.adtech.advertising.com
adx.adform.net
aktrack.pubmatic.com
ask.fm
cdn.stickyadstv.com
cm.g.doubleclick.net
colossalcoat.com
cs.lkqd.net
d16vsmxl4d5tw1.cloudfront.net
d3r6ceqp4shltl.cloudfront.net
dbq8hrmshvuto.cloudfront.net
ib.adnxs.com
image6.pubmatic.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
pixel-sync.sitescout.com
s.amazon-adsystem.com
static.adsafeprotected.com
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
t.lkqd.net
tpc.googlesyndication.com
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
vpaid.pubmatic.com
vpaid.springserve.com
x.bidswitch.net
cs.lkqd.net
image6.pubmatic.com
static.adsafeprotected.com
sync-tm.everesttech.net
t.lkqd.net
v.lkqd.net
104.80.21.36
104.80.22.145
13.248.242.197
146.20.128.140
146.20.128.55
146.20.132.120
151.139.128.11
18.159.240.81
185.64.190.75
193.138.77.143
2001:4de0:ac19::1:b:3a
2001:678:cb4:bbbb::11
209.54.176.128
213.19.147.44
216.58.214.66
23.217.9.140
2600:9000:20e1:6000:11:3771:2e40:21
2600:9000:2117:ee00:c:d85b:b300:21
2600:9000:218d:9600:13:811c:e440:21
2600:9000:219c:aa00:15:6f6c:b180:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2a00:1450:4007:813::2001
2a02:6b8::1:119
3.129.250.65
3.140.219.195
3.68.1.119
35.201.96.133
37.157.4.24
37.252.172.38
52.28.167.107
66.155.71.149
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d712c6bbf7ad22dd39c8d72c74f8505c6c3472d61570159485f8abc49ce3b82
10c05067921c5f5a9dfd5a63a6b354992ee20c4d11ab6ca8cc9f1855dbf44498
11207361fdb98331fc89bedaca3943092c73bf3f6fd493fdb5a5bb81ec66ed14
11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389
12ebeaec9bf52a5506ff5ebe5f2ac19770ad9ecff7ea0fa7eaa33ab411163137
168c964442c127d6e41e7756b9861dfd332855eb2c0d010c5a0a6d5a2890d1ea
1f2ed977ada559dbdfe490dc7be853ab2affc14996370ce0574f022a5c8dd9a5
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2eff85d284b6f90e68ba471cc5e778859bc619c700435e236815814bd67b8113
314f77ceb6eeb867506034066927d975a3619c9decd8a952150949f822e1d6ff
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
4569d6bf2a0e32a079b444e4f60b1ff8d6680efbdbb5965568d508c4b329e42c
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48
5bab5ebf681692fa03a6189a614e96a6cea674084db4d76421c54db3aa9f1c2f
602a16342b622ddbb17b9d027d017884c185b2387d5ba8cdc2b4cbbe1e4708a2
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6bf4d1a5ab84231d4d77a7aa49811be50601ad46f93002a7dfc4b29403980787
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
7cb4560c15852d4f239dbe2b2fb095b3e1dcd15086b7a4307d42ae1e6c20c139
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
859a4ff23ab2346c3e477dd4d3b5d21fe9dde54f05b1412da0c63c04c20923f7
8a8722d7448cc1bfe6f1cec3b7f17c9b1990605273cb6cb7f6d4e0906f8319b2
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9223221e834e3ff92630329768fe393734aa884fc5c1400ceea60f7d0cefeca5
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
96435b65a9bc4acadcab0bf8daf883784bd9ffc382c52fefbbef0d2129913aed
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
98afa8b224957cd05b6b4f4e0bd6637c6929a682137e78595bbcbd0f3f07334b
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
9b5ec09d89133ac8a7b95e5e00d570d32fead2791bae14ff525da4ace9d7a9b0
9f0cffc6f8c25f207060acd6dcf2ae6362f1bf950a33ae3020dfe6fcc9facae1
9f583ece4a103a6a2a6d8fe1ceb6005762b68f3c7739234bbac4a2f7fc04c0c1
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
b69a83dc0b640a124fc33432c003f2e4ac22d367dbcab0398220019e7ac7ca5b
babd04bca5bced2419243cb468ffbe7b40475f02ec42ef73df1c526144054342
bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477
bfa27d44851e5946d6d6218886e6d30819cd3c254be4e31294ee7a409efcaa1e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4610f8b95bbc72f8f0d5942257044a9858cc319e3fdf62d064c0837bcb5a028
c823abcf5705827215b02b26b20eb77214c9090bd2e39e76ea13551b5dc64862
d82212d39d1b89ae91067e3e3e80c68827d21c2eeb263b05751f547dbd25a950
d9de38a7765aef878874c510291d2eb88f78b505f7a4465dbed6f07c405b3424
dc5399bd200c7c3fa47e73f43bd1b16d19888200e3a4a863a1c703e5e3272bf8
e05e863b4966a3f41111e2ccf4d76877b3e03093abadac039ae8f3f0bcc8c71b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a56b177dbde29ba6894fc6c91b6c838108e84cb185da4dbba1de0d130ee41d
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e8fd5e541497eb50cb01cb6b72e101dbff2b358cd716c60576547ecea86a5eca
eb0e0f07463dba9c92d21ce04b257af21511164f92d50f85f22358a3864858ac
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f1a1c11bb2dce349412313720814f9eeb59f1954d2c284a32a56e45840e5b1e1
f4e89d55b3744b0828b311ba8580099a01a6351326b9ab3640afc400e199724a
f6a71b07ddc56e59cea097f580ffad3ebd5301bb04529e54033fff242a2ea200
f8850cefb4de41ccc6605f1dfb4a878ea180b2c1b7caf09fe406e4f9e16ff126
fa320bf53da2e1f2255bbb95a8389bd3f34789db1a05ea83a2bf363010b1fd81
fabc2040b8a703e60517f7d7bf91405c583eeb35695fb596afaa9b0515a9fbd6

ask.fm Open in urlscan Pro 193.138.77.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

90 %HTTPS

29 %IPv6

24 Domains

37 Subdomains

27 IPs

9 Countries

1342 kBTransfer

3198 kBSize

52 Cookies

14 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ask.fm Open in urlscan Pro
193.138.77.143 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

90 %
HTTPS

29 %
IPv6

24
Domains

37
Subdomains

27
IPs

9
Countries

1342 kB
Transfer

3198 kB
Size

52
Cookies

127 HTTP transactions
3 data transactions