urlscan.io logo urlscan.io
SecurityTrails logo

ask.fm Open in urlscan Pro
193.138.77.146  Public Scan

Go To Rescan Add Verdict Report
URL: https://ask.fm/altopeanut514
Submission: On September 25 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 12 countries across 93 domains to perform 415 HTTP transactions. The main IP is 193.138.77.146, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 15th 2021. Valid for: a year.
This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 193.138.77.146 395754 (ASK-FM)
6 2600:9000:223... 16509 (AMAZON-02)
1 3.129.250.65 16509 (AMAZON-02)
3 35.201.96.133 15169 (GOOGLE)
1 2a05:d018:ac8... 16509 (AMAZON-02)
3 14 2a02:6b8::1:119 208722 (YNDX)
21 2600:9000:223... 16509 (AMAZON-02)
4 2600:9000:225... 16509 (AMAZON-02)
1 52.209.141.213 16509 (AMAZON-02)
14 151.139.128.11 20446 (HIGHWINDS3)
4 4 66.155.71.149 13768 (COGECO-PEER1)
2 3.68.1.119 16509 (AMAZON-02)
12 13 52.57.48.21 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
9 9 213.19.147.45 26120 (RHYTHMONE)
3 4 76.223.111.131 16509 (AMAZON-02)
12 34 2.18.234.233 16625 (AKAMAI-AS)
15 146.20.132.143 27357 (RACKSPACE)
35 146.20.132.148 27357 (RACKSPACE)
10 10 2001:678:cb4:... 56396 (AMOBEE)
42 146.20.132.52 27357 (RACKSPACE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 2a04:4e42::485 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.250.2.146 44788 (ASN-CRITE...)
6 147.75.38.124 54825 (PACKET)
6 51.89.9.254 16276 (OVH)
1 8 23.111.200.118 7979 (SERVERS-COM)
6 20 185.33.220.242 29990 (ASN-APPNEX)
1 13 2606:4700:10:... 13335 (CLOUDFLAR...)
1 185.86.138.121 201081 (SMARTADSE...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
10 37.157.4.28 198622 (ADFORM)
1 184.31.84.150 16625 (AKAMAI-AS)
1 185.94.180.124 35220 (SPOTX-AMS)
8 15 3.120.211.246 16509 (AMAZON-02)
28 2.18.233.180 16625 (AKAMAI-AS)
1 2 34.98.64.218 15169 (GOOGLE)
2 2600:9000:224... 16509 (AMAZON-02)
3 151.101.65.108 54113 (FASTLY)
5 185.64.190.78 62713 (AS-PUBMATIC)
4 5 37.157.6.251 198622 (ADFORM)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 23 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
10 12 142.250.186.130 15169 (GOOGLE)
3 3 185.29.134.248 30419 (MEDIAMATH...)
3 185.64.189.114 62713 (AS-PUBMATIC)
1 2 146.59.148.16 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2 159.253.128.188 36351 (SOFTLAYER)
1 1 2620:116:800d... 16509 (AMAZON-02)
5 185.64.190.75 62713 (AS-PUBMATIC)
2 3.141.243.179 16509 (AMAZON-02)
4 2001:4de0:ac1... 20446 (HIGHWINDS3)
6 95.217.114.174 24940 (HETZNER-AS)
4 15 2.18.234.21 16625 (AKAMAI-AS)
5 5 216.52.2.39 30282 (AS-INAPCD...)
3 3 18.159.118.206 16509 (AMAZON-02)
5 6 18.156.0.31 16509 (AMAZON-02)
2 2 35.210.53.219 ()
2 2 193.232.148.149 48061 (UMA-TECH-AS)
6 6 31.172.81.160 44066 (DE-FIRSTC...)
2 2 31.172.81.172 44066 (DE-FIRSTC...)
1 151.236.71.82 204720 (CDNETWORKS)
2 6 209.54.177.54 ()
1 2 34.253.109.165 16509 (AMAZON-02)
2 4 54.77.6.213 16509 (AMAZON-02)
2 173.231.180.197 29791 (VOXEL-DOT...)
1 2 141.95.3.40 16276 (OVH)
2 178.162.133.149 60781 (LEASEWEB-...)
1 1 3.126.175.244 16509 (AMAZON-02)
1 2 185.33.221.89 ()
2 2a00:1288:110... ()
2 2 185.183.112.148 ()
2 2 18.185.243.227 ()
1 1 85.114.159.118 ()
2 2 35.201.96.126 ()
1 185.64.189.229 ()
1 2 77.243.60.138 ()
1 2606:4700:10:... ()
1 2 34.206.192.53 ()
2 2 99.80.151.46 ()
1 2a02:fa8:8806... ()
2 2 151.101.130.49 ()
1 1 159.65.196.12 ()
2 2 89.108.119.28 ()
1 1 31.172.81.158 ()
1 3 2a02:6b8::90 ()
1 1 2.19.35.65 ()
2 104.109.78.125 ()
1 69.173.144.165 ()
1 2 2001:6d0:4001... ()
1 3.217.216.1 ()
1 82.145.213.8 ()
8 52.28.33.143 ()
1 1 162.55.6.211 ()
1 2606:4700:20:... ()
1 1 188.165.4.142 ()
1 2 2606:4700::68... ()
1 1 2a04:4e42:200... ()
1 151.101.65.44 ()
1 38.91.45.7 ()
1 1 34.98.107.212 ()
1 52.208.41.69 ()
2 2 34.239.198.206 ()
1 1 2607:ae80:5::49 ()
2 2 44.194.177.202 ()
1 1 154.59.122.79 ()
1 1 3.125.99.7 ()
1 38.27.122.158 ()
1 1 52.44.53.247 ()
415 86
4    193.138.77.146 (Latvia)

ASN395754 (ASK-FM, US)
ask.fm
6    2600:9000:223d:3a00:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)
d3r6ceqp4shltl.cloudfront.net
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
3    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
colossalcoat.com
1    2a05:d018:ac8:b900:f121:163b:7bd1:59c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
esputnik.com
14    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
21    2600:9000:223e:d400:13:811c:e440:21 (United States)

ASN16509 (AMAZON-02, US)
d16vsmxl4d5tw1.cloudfront.net
4    2600:9000:2251:4800:c:d85b:b300:21 (United States)

ASN16509 (AMAZON-02, US)
dbq8hrmshvuto.cloudfront.net
1    52.209.141.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-141-213.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
14    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
4    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    3.68.1.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-1-119.eu-central-1.compute.amazonaws.com
a.vidoomy.com
13    52.57.48.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-48-21.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
9    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
34    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
15    146.20.132.143 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
35    146.20.132.148 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
10    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
42    146.20.132.52 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:223c:800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:225e:c200:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700::6812:ea1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
8    23.111.200.118 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
20    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
13    2606:4700:10::ac43:2ac6 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
1    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
10    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
15    3.120.211.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
28    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
vidoomy-d.openx.net
2    2600:9000:2240:c200:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
23    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
12    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
5    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
2    3.141.243.179 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-243-179.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
4    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
6    95.217.114.174 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: ap10.adplayer.pro
serving.stat-rock.com
15    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    18.159.118.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-118-206.eu-central-1.compute.amazonaws.com
pixel.advertising.com
6    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.210.53.219 (None, )

ASN- ()
pool.admedo.com
2    193.232.148.149 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp10.sender.ltmse.com
px.adhigh.net
6    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
1    151.236.71.82 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
6    209.54.177.54 (None, )

ASN- ()
s.amazon-adsystem.com
2    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    54.77.6.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-6-213.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    141.95.3.40 (France)

ASN16276 (OVH, FR)
PTR: p30.id5-sync.com
id5-sync.com
2    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    3.126.175.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-175-244.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    185.33.221.89 (None, )

ASN- ()
secure.adnxs.com
2    2a00:1288:110:c305::8000 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
2    18.185.243.227 (None, )

ASN- ()
ads.creative-serving.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
1    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
2    34.206.192.53 (None, )

ASN- ()
a.audrte.com
2    99.80.151.46 (None, )

ASN- ()
r.scoota.co
1    2a02:fa8:8806:16::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
2    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
2    89.108.119.28 (None, )

ASN- ()
x01.aidata.io
1    31.172.81.158 (None, )

ASN- ()
sync3.sniperlog.ru
3    2a02:6b8::90 (None, )

ASN- ()
an.yandex.ru
1    2.19.35.65 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    104.109.78.125 (None, )

ASN- ()
eus.rubiconproject.com
1    69.173.144.165 (None, )

ASN- ()
token.rubiconproject.com
2    2001:6d0:4001::226 (None, )

ASN- ()
www.tns-counter.ru
1    3.217.216.1 (None, )

ASN- ()
jadserve.postrelease.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
8    52.28.33.143 (None, )

ASN- ()
ads-eu.v.ssp.yahoo.com
1    162.55.6.211 (None, )

ASN- ()
csync.loopme.me
1    2606:4700:20::681a:ad1 (None, )

ASN- ()
ad4m.at
1    188.165.4.142 (None, )

ASN- ()
green.erne.co
2    2606:4700::6812:d05 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    2a04:4e42:200::300 (None, )

ASN- ()
trc.taboola.com
1    151.101.65.44 (None, )

ASN- ()
match.taboola.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
1    34.98.107.212 (None, )

ASN- ()
ads.playground.xyz
1    52.208.41.69 (None, )

ASN- ()
rtb.gumgum.com
2    34.239.198.206 (None, )

ASN- ()
sync.ipredictive.com
1    2607:ae80:5::49 (None, )

ASN- ()
7e1d5.v.fwmrm.net
2    44.194.177.202 (None, )

ASN- ()
vop.sundaysky.com
1    154.59.122.79 (None, )

ASN- ()
ums.acuityplatform.com
1    3.125.99.7 (None, )

ASN- ()
pm.w55c.net
1    38.27.122.158 (None, )

ASN- ()
match.bnmla.com
1    52.44.53.247 (None, )

ASN- ()
sync.srv.stackadapt.com
Apex Domain
Subdomains		 Transfer
106 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net
433 KB
65 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
aud.pubmatic.com
simage4.pubmatic.com
360 KB
38 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
320 KB
31 cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d16vsmxl4d5tw1.cloudfront.net
dbq8hrmshvuto.cloudfront.net
682 KB
25 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
68 KB
18 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
11 KB
16 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads-eu.v.ssp.yahoo.com
10 KB
15 adform.net
adx.adform.net
c1.adform.net
9 KB
14 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
15 KB
13 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
2 KB
13 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net Failed
2 KB
13 bidswitch.net
x.bidswitch.net
3 KB
12 yandex.com
mc.yandex.com
3 KB
10 turn.com
ad.turn.com
4 KB
9 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
7 KB
6 amazon-adsystem.com
s.amazon-adsystem.com
4 KB
6 bumlam.com
sync.bumlam.com
4 KB
6 stat-rock.com
serving.stat-rock.com
97 KB
6 onetag-sys.com
onetag-sys.com
4 KB
6 a-mo.net
prebid.a-mo.net
1 KB
6 1rx.io
sync.1rx.io
4 KB
5 lijit.com
ap.lijit.com
3 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
5 yandex.ru
mc.yandex.ru
an.yandex.ru
66 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 springserve.com
vpaid.springserve.com
vid-io-cle.springserve.com
174 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 sitescout.com
pixel-sync.sitescout.com
1 KB
4 ask.fm
ask.fm
44 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 connectad.io
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
1 KB
3 optad360.io
cmp.optad360.io
get.optad360.io
226 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
3 colossalcoat.com
colossalcoat.com
30 KB
3 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
7 KB
2 sundaysky.com
vop.sundaysky.com
2 KB
2 ipredictive.com
sync.ipredictive.com
981 B
2 taboola.com
trc.taboola.com
match.taboola.com
651 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 tns-counter.ru
www.tns-counter.ru
706 B
2 aidata.io
x01.aidata.io
1 KB
2 everesttech.net
sync-tm.everesttech.net
742 B
2 scoota.co
r.scoota.co
1 KB
2 audrte.com
a.audrte.com
2 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 adotmob.com
sync.adotmob.com
1 KB
2 sonobi.com
sync.go.sonobi.com
1 KB
2 id5-sync.com
id5-sync.com
3 KB
2 adgrx.com
cm.adgrx.com
816 B
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 adhigh.net
px.adhigh.net
821 B
2 admedo.com
pool.admedo.com
715 B
2 indexww.com
js-sec.indexww.com
2 KB
2 simpli.fi
um.simpli.fi
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 de17a.com
d5p.de17a.com
634 B
2 openx.net
vidoomy-d.openx.net
757 B
2 4dex.io
script.4dex.io
22 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 facebook.net
connect.facebook.net
79 KB
1 stackadapt.com
sync.srv.stackadapt.com
649 B
1 bnmla.com
match.bnmla.com
114 B
1 w55c.net
pm.w55c.net
891 B
1 acuityplatform.com
ums.acuityplatform.com
707 B
1 fwmrm.net
7e1d5.v.fwmrm.net
461 B
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
485 B
1 deepintent.com
match.deepintent.com
44 B
1 erne.co
green.erne.co
326 B
1 ad4m.at
ad4m.at
974 B
1 loopme.me
csync.loopme.me
217 B
1 opera.com
t.adx.opera.com
393 B
1 postrelease.com
jadserve.postrelease.com
428 B
1 sniperlog.ru
sync3.sniperlog.ru
297 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 sharethrough.com
match.sharethrough.com
240 B
1 quantserve.com
pixel.quantserve.com
541 B
1 spotxchange.com
search.spotxchange.com
1 KB
1 smartadserver.com
prg.smartadserver.com
2 KB
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 facebook.com
www.facebook.com
313 B
1 googletagmanager.com
www.googletagmanager.com
40 KB
1 mookie1.com
odr.mookie1.com
324 B
1 adsafeprotected.com
static.adsafeprotected.com
259 B
1 esputnik.com
esputnik.com
11 KB
415 93
Domain Requested by
42 t.lkqd.net ad.lkqd.net
35 cs.lkqd.net ad.lkqd.net
34 ads.stickyadstv.com 12 redirects ask.fm
ad.lkqd.net
vpaid.springserve.com
cdn.stickyadstv.com
21 d16vsmxl4d5tw1.cloudfront.net ask.fm
20 ib.adnxs.com 6 redirects get.optad360.io
vpaid.springserve.com
acdn.adnxs.com
15 simage2.pubmatic.com ads.pubmatic.com
15 ads.adaptv.advertising.com 8 redirects ad.lkqd.net
vpaid.springserve.com
15 v.lkqd.net ad.lkqd.net
14 ad.lkqd.net ask.fm
ad.lkqd.net
13 x.bidswitch.net 12 redirects
12 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
sync.quantumdex.io
12 cm.g.doubleclick.net
12 mc.yandex.com 2 redirects ask.fm
mc.yandex.ru
11 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
11 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.com
blank
10 adx.adform.net get.optad360.io
ad.lkqd.net
10 ad.turn.com 10 redirects
8 ads-eu.v.ssp.yahoo.com
8 image2.pubmatic.com 1 redirects ads.pubmatic.com
8 ads.betweendigital.com 1 redirects get.optad360.io
ads.betweendigital.com
7 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
6 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
6 sync.bumlam.com 6 redirects
6 ups.analytics.yahoo.com 5 redirects ssum-sec.casalemedia.com
6 serving.stat-rock.com get.optad360.io
6 onetag-sys.com get.optad360.io
sync.quantumdex.io
cache.betweendigital.com
6 prebid.a-mo.net get.optad360.io
6 sync.1rx.io 6 redirects
6 d3r6ceqp4shltl.cloudfront.net ask.fm
d3r6ceqp4shltl.cloudfront.net
5 ap.lijit.com 5 redirects
5 aktrack.pubmatic.com
5 vid.pubmatic.com vpaid.pubmatic.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 image6.pubmatic.com ads.pubmatic.com
4 match.prod.bidr.io 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
sync.quantumdex.io
4 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
4 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
4 pixel-sync.sitescout.com 4 redirects
4 dbq8hrmshvuto.cloudfront.net ask.fm
4 ask.fm d3r6ceqp4shltl.cloudfront.net
serving.stat-rock.com
3 an.yandex.ru 1 redirects
3 pixel.advertising.com 3 redirects
3 sync.mathtag.com 3 redirects
3 acdn.adnxs.com vpaid.springserve.com
get.optad360.io
3 sync.targeting.unrulymedia.com 3 redirects
3 colossalcoat.com ask.fm
colossalcoat.com
2 vop.sundaysky.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 www.tns-counter.ru 1 redirects
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 x01.aidata.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 r.scoota.co 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 sync.adotmob.com 2 redirects
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 sync.go.sonobi.com sync.quantumdex.io
2 id5-sync.com 1 redirects sync.quantumdex.io
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 sync3.adsniper.ru 2 redirects
2 px.adhigh.net 2 redirects
2 pool.admedo.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 js-sec.indexww.com get.optad360.io
ssum-sec.casalemedia.com
2 vid-io-cle.springserve.com vpaid.springserve.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 vpaid.springserve.com ad.lkqd.net
2 vidoomy-d.openx.net 1 redirects
2 mug.criteo.com
2 script.4dex.io get.optad360.io
script.4dex.io
2 gum.criteo.com 1 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 get.optad360.io d3r6ceqp4shltl.cloudfront.net
get.optad360.io
2 connect.facebook.net d3r6ceqp4shltl.cloudfront.net
connect.facebook.net
2 a.vidoomy.com ask.fm
2 mc.yandex.ru 1 redirects d3r6ceqp4shltl.cloudfront.net
1 sync.srv.stackadapt.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 pm.w55c.net 1 redirects
1 ums.acuityplatform.com 1 redirects
1 7e1d5.v.fwmrm.net 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 ad4m.at ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 t.adx.opera.com
1 jadserve.postrelease.com
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 sync3.sniperlog.ru 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 ms.quantumdex.io 1 redirects
1 match.sharethrough.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 cache.betweendigital.com ads.betweendigital.com
1 cdn.connectad.io get.optad360.io
1 pixel.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 search.spotxchange.com ad.lkqd.net
1 htlb.casalemedia.com get.optad360.io
1 i.connectad.io get.optad360.io
1 prg.smartadserver.com get.optad360.io
1 useast.quantumdex.io get.optad360.io
1 cdn.jsdelivr.net get.optad360.io
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com
1 cmp.optad360.io d3r6ceqp4shltl.cloudfront.net
1 www.googletagmanager.com d3r6ceqp4shltl.cloudfront.net
1 odr.mookie1.com ask.fm
1 static.adsafeprotected.com ask.fm
1 esputnik.com ask.fm
1 ads.vidoomy.com ask.fm
415 133

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com
Subject Issuer Validity Valid
*.ask.fm
AlphaSSL CA - SHA256 - G2		 2021-09-15 -
2022-10-17		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
colossalcoat.com
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
*.esputnik.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-28 -
2021-11-27		 2 years crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
ad.lkqd.net
R3		 2021-07-25 -
2021-10-23		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.springserve.com
Amazon		 2021-04-30 -
2022-05-29		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
serving.stat-rock.com
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-08 -
2022-02-05		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
bs.yandex.ru
Yandex CA		 2021-05-31 -
2021-11-29		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2020-11-10 -
2021-12-12		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh

This page contains 72 frames:

Primary Page: https://ask.fm/altopeanut514
Frame ID: 4CC584ACD77EDED72353F57AC3AA7CFC
Requests: 147 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 7F61A61600D3E3EF631B6796835A3DF4
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 238021A3DBA6D2929B5C5D133015565F
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 47BCE96FD84D3FEFBAD36EC531E8A645
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 14DB9F357D3D933169808AE57FDEF8DA
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3CA4BC74A813C19AD9BF70CD573280A3
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 5D0D577AB9671615E7DBD7475720147D
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 66E05C7556E61571B50E404C5637048C
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D714AE066268399CC831997F50839A3E
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 41564E889B7DFA9653484A16C5A1FD81
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9CFDCD69E051BAA8F0F1FCD1DB0896A6
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Frame ID: 80348682146E1D8B0F9D7901EEE18A79
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 61E854724681F3DC6876CBD683DB245D
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575564515,,
Frame ID: C44FEE99562AA619F58506D0FB4D3C4E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 118D2E5EC81E32F083213D0EA513ACC3
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
Frame ID: 361043357CF19D5B5B138DCBEFDCD618
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=987620221106058175
Frame ID: 7636423DDFC1561FC4497E1C3842E5BE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C9579A80040321B849E03ED3CC795AFE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 5AC6CEFA0FF125337B154D18EAB93855
Requests: 4 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: A29B9DF1BD6A0466309D708CE3AA3413
Requests: 11 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 2C1B67DBD6C6F25FECC3DEA50F72250C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A99177F82B5A6EF2FCB010D39C6F335F
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 3683C7927165A883E48BD10DE3A8F4A1
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1632575567119
Frame ID: 5DB8EC412DCC4AB45D026037ACEC923B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1632575564512
Frame ID: DF26B3645D1102A1EE688F052B98EC23
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: ECFD96434450564AC70F212683BAC752
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 06BF6FDAA32878BC82D954DB8C898E38
Requests: 3 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=1c5515e0-a932-510c-8278-6f2ce3374f60&CACHEBUSTER=341115
Frame ID: 6A96191C838AF8379BB5A92E63CDABD7
Requests: 7 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 31E76A0ECEFE65FB548A521EE5120667
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: ADA43B1E99B6563934C16B81F3AFDF20
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 6C89239D08309165F4DC92DFBABE2E14
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 89E46406C71067139CA55A52B385D47B
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: ACD9390AC031FE189058E17C6079DA6F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 31BFED0736A04CE6A027C769E2B8A33A
Requests: 15 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011858668534036631
Frame ID: E60C82FA2BC21B91EF337702A9FDA37D
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 18E737FE8556347A2EDDCBD1114B16EB
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
Frame ID: E45F5FE382900F3B77BA344DB86CE528
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C16697977432225618525224100008%2C%2C
Frame ID: A42DA35A61B5A886C03286B0300DFA6F
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DF5EECF5608B34FB528D8349B892C3CA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 5880201E49C0523CF711CBEF535AAE08
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 9E4E03D1101A4B7703469BA7A11CA8C6
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: E057035F574E1B0AE00CCBA5BC859F0F
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1D70B0D5B87AD789F2B010C86B75D2C3
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 3AD49C5254E1BD0EC64138D128044410
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: CC57B5AFB64097845E9BF1A63E25645D
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B7B296BEC1A459A8C690971D10F8A879
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 0D10949ED3D8C8564A0E84DB0CE66AEA
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Frame ID: 041423F34142590AD40E6DB666E452B2
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575571728,,
Frame ID: 671AD04DF4F75EE50217A8F0E7DA17E0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D46306814993D83B2BDA866EA2CE3F4C
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: BE6EABCD3730616A0764D08C01B11B8A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
Frame ID: F2EA1D61120A56B1E425022BA593A098
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 9749B397CE0E380D16A4BB2FC2E647A9
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: BA2A54DCD605BC614A7DF687D886A372
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=TLYMbhNX8FSGhFoCoYtuXio4
Frame ID: 6E8F358350291A88EB75ADD5ABB85311
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9CA03652C07F080E4C0869D9BABA0B03
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5e3bb289-0f6c-4e5b-b35e-a2e97a086cc4-tuct848a5d5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: ADBC0B77A88E219B9AEF5D547319E1A9
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 4AEDCA18192CEC9A93002D545F29DA0B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: AED0827FA8FA0D8436A56749230BC3B3
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C9966824327242497849004195953%2C%2C
Frame ID: E65C5C31A0A5290EC60650D9937E861A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 73C367C57F655268399422EE327C470A
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pLHl0XgY1Mu7u05&gdpr=0&gdpr_consent=
Frame ID: EC72649644F0A5367B65FED3679C50FB
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: B22C6202F549C3E85A055713500AC773
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1E004AB5FABD4A84BCF4E2B19FEF125E
Frame ID: 0636F6865AFDE197D21AA5400DC30898
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-_HaVIRqTBF4D-21W9jZtFvHdkw
Frame ID: 231F965426D9FD22166FCA1F3D16EC5C
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 388B4C682A91E279794C0FFF69D50C07
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 6B9E2987ACED16DE8272C43FA5C57B8E
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 55D1E5AE8897B7857A42E0CDC17AB7CC
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17264174335856554807134739027%2C%2C
Frame ID: 8EE090726F6A4AF116154FA3798F058A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F9CC787D151C53CBB1FEDA79C3EB3614
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: DD9BDC8DECB76EE03A4E9CB12764F731
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 286DA6939A1C00F176889FE3EEBF46B8
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Account Suspended - Ask.fm

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

415
Requests

99 %
HTTPS

25 %
IPv6

93
Domains

133
Subdomains

86
IPs

12
Countries

2740 kB
Transfer

7830 kB
Size

126
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9407.Knz4Q14aRujl8xqCW9eruJ3-kfgu8aOD-EwRcBl18iUgMijaREvdlpBOCS9WAWCE.JsNvVR6i_4fiWk6jtJjtSZc-cvs%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9407.d8J2rl4FBnTh7UFITl6Hy1RnKFf1dwPFqXrhB_4fcLWuRtxveJR0wLq6iv-KNtEbfZqfLdbHkXuJbSj2O1W68Q%2C%2C.wuZvn-hM2858jslVTn06-NrkBJs%2C
Request Chain 38
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1010%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1424243023836%3Ahid%3A795551383%3Az%3A0%3Ai%3A20210925131243%3Aet%3A1632575563%3Ac%3A1%3Arn%3A712893797%3Arqn%3A1%3Au%3A1632575563880604643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632575562046%3Ads%3A13%2C300%2C154%2C91%2C0%2C0%2C%2C124%2C6%2C%2C%2C%2C927%3Adsn%3A13%2C300%2C154%2C91%2C0%2C0%2C%2C366%2C6%2C%2C%2C%2C927%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632575563%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1010%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1424243023836%3Ahid%3A795551383%3Az%3A0%3Ai%3A20210925131243%3Aet%3A1632575563%3Ac%3A1%3Arn%3A712893797%3Arqn%3A1%3Au%3A1632575563880604643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632575562046%3Ads%3A13%2C300%2C154%2C91%2C0%2C0%2C%2C124%2C6%2C%2C%2C%2C927%3Adsn%3A13%2C300%2C154%2C91%2C0%2C0%2C%2C366%2C6%2C%2C%2C%2C927%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632575563%3At%3AAccount%20Suspended%20-%20Ask.fm
Request Chain 41
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 42
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=983210265.31752251653087263.7353657 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=983210265.31752251653087263.7353657 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6cb7c9dc-c4fa-434e-886d-1c7105398e76&ssp=vidoomy&gdpr=&gdpr_consent=
Request Chain 43
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1251127362 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1251127362 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
Request Chain 53
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7324640424251641362
Request Chain 58
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Request Chain 78
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Request Chain 91
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=OjwDIHx0S0taazlFU0lCWjkxcEdpMDlzc1NYN2VtS2Jub3ZpYzdQOTJxNFZ0UWNndnp6VndpNEQ5ZksxS01jbmsxcU9FdWExYVFMOXBvVlZzVzdDWkxDSlRYRGVIZjQ5d3JWQ3NiMFZKL2JQYnlBL3hGazdDUVR6T0JpTmJKRHgybU5FcHlMYjRhSFZKaE5LTlY3dTV2L2U4Nk51S1ExOWNUV0EwNTNPTWdRMG9INFN2VjhWWTZoZWZySjVIbXc1VkF2bTZSempuRnR6K2Y4c1d3QUhUWWxGRnpGQW5EcFo3OUVPem9pWi9ia2xBNjRzPXw&cppv=2
Request Chain 105
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008109147015,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008109147015,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 118
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008109147015,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008109147015,,
Request Chain 135
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 137
  • https://c1.adform.net/serving/cookie/match?party=14&cid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
Request Chain 138
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=987620221106058175
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_r1vqrFXTr2Dyh91CdZbGg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 141
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ba1c614f-204d-4600-9bd5-42180ca7e8a4
Request Chain 142
  • https://pixel.onaudience.com/?partner=214&mapped=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=318d9fe07b519d1d04ab4ef3667bdd31
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVCRDZGQUEtQjE1Ny00RUJELTgzQ0EtMUY3NTA5RDY1QjFB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAMN9GLynvTCPFX3wlg9Stk&google_cver=1
Request Chain 146
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9
Request Chain 147
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3196635862961852579
Request Chain 148
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&gdpr=0&gdpr_consent=
Request Chain 149
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4052348112198880942&gdpr=0&gdpr_consent=
Request Chain 150
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh
Request Chain 177
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=sovrn&uid=e73a2f314ad509028b031230
Request Chain 178
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=pubmatic&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
Request Chain 180
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=32e092a3-32a2-43ee-b676-ef022766cbbf HTTP 302
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=32e092a3-32a2-43ee-b676-ef022766cbbf&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=32e092a3-32a2-43ee-b676-ef022766cbbf&apid=UP47467410-1e02-11ec-9e09-026026bb297a HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=32e092a3-32a2-43ee-b676-ef022766cbbf&apid=UP47467410-1e02-11ec-9e09-026026bb297a&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP47467410-1e02-11ec-9e09-026026bb297a&gdpr=0&gdpr_consent=
Request Chain 181
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=index_rtb&uid=YU8gT.8YpUffu51V2cqPtAAA%261137
Request Chain 182
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=appnexus&uid=8927850195643254724
Request Chain 185
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6cb7c9dc-c4fa-434e-886d-1c7105398e76 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6cb7c9dc-c4fa-434e-886d-1c7105398e76 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5777dea3-8fa8-490c-bd66-41eb7e460022&user_group=1&ssp=between&bsw_param=6cb7c9dc-c4fa-434e-886d-1c7105398e76 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=6cb7c9dc-c4fa-434e-886d-1c7105398e76
Request Chain 186
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=jsds7aivMM.AikABlF8HRY3uw
Request Chain 187
  • https://sync.bumlam.com/?src=bw1&uid=1c5515e0-a932-510c-8278-6f2ce3374f60 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjPwLyKBlIFvp7KygpiJDFjNTUxNWUwLWE5MzItNTEwYy04Mjc4LTZmMmNlMzM3NGY2MA** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjPwLyKBlIFvp7KygpiJDFjNTUxNWUwLWE5MzItNTEwYy04Mjc4LTZmMmNlMzM3NGY2MKIBEEdXUGIeAhHshuAAJZDAZHw* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjPwLyKBmIkMWM1NTE1ZTAtYTkzMi01MTBjLTgyNzgtNmYyY2UzMzc0ZjYwogEQR1dQYh4CEeyG4AAlkMBkfA** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjPwLyKBmIkMWM1NTE1ZTAtYTkzMi01MTBjLTgyNzgtNmYyY2UzMzc0ZjYwogEQR1dQYh4CEeyG4AAlkMBkfA** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=47575062-1e02-11ec-86e0-002590c0647c
Request Chain 188
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=ccf92b5941375174c26fa655
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENINJpqBZL7wKxdMX6i6mXc&google_cver=1
Request Chain 195
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&dcc=t
Request Chain 196
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU8gT.8YpUffu51V2cqPtAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENv6bS-zEYs8_ronTLUPGYA&google_cver=1&gdpr=1&google_hm=2
Request Chain 198
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YU8gT.8YpUffu51V2cqPtAAA%261137?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YU8gT.8YpUffu51V2cqPtAAA%261137?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 203
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 205
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8927850195643254724
Request Chain 206
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-x2MY60RE2uF6egs3D3sD2pYwtpBLAwjRpjwNDdE-~A
Request Chain 207
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003&rndcb=4264948998 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=6cb7c9dc-c4fa-434e-886d-1c7105398e76&google_hm=NmNiN2M5ZGMtYzRmYS00MzRlLTg4NmQtMWM3MTA1Mzk4ZTc2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEK8HgWwVrf_7WHOTJmBHD14&google_cver=1&ssp=adconductor&bsw_param=6cb7c9dc-c4fa-434e-886d-1c7105398e76 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/6cb7c9dc-c4fa-434e-886d-1c7105398e76?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
Request Chain 208
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP47467410-1e02-11ec-9e09-026026bb297a HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP47467410-1e02-11ec-9e09-026026bb297a
Request Chain 209
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cbdca909-bc2e-4a8f-ba01-f245dc58bf85
Request Chain 210
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=61a46153-8193-4dcb-a444-6f5fc56358de
Request Chain 211
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8927850195643254724
Request Chain 212
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=ccf92b5941375174c26fa655
Request Chain 218
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1f2f4917044a5f2f28572734ffc1875&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1a40_7011858672808634824 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB5NnQSPhuMzLf0g_qCab0w&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8927850195643254724 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/1f2f4917044a5f2f28572734ffc1875&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Ekj8DkVE2oOcvoZH.504NGvWLKYZe4svXuunwIy8~A HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=ba1c614f-204d-4600-9bd5-42180ca7e8a4&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADQPk7CnkEAADGw8FYMKw&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YU8gUAAEQinUIAA6&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=pLHl0XgY1Mu7u05&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Request Chain 224
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent=
Request Chain 225
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1f2f4917044a5f2f28572734ffc1875&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 229
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7252582830213713426
Request Chain 230
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ba1c614f-204d-4600-9bd5-42180ca7e8a4&gdpr=1&gdpr_consent=
Request Chain 231
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU8gT.8YpUffu51V2cqPtAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENv6bS-zEYs8_ronTLUPGYA&google_cver=1&gdpr=1&google_hm=2
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENINJpqBZL7wKxdMX6i6mXc&google_cver=1
Request Chain 233
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c0220402c21fe50e1f718a&expiration=[EXPIRATION]&gdpr=1
Request Chain 234
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&dcc=t
Request Chain 236
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=6cb7c9dc-c4fa-434e-886d-1c7105398e76 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=6cb7c9dc-c4fa-434e-886d-1c7105398e76 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=09d26556-4df1-4bd8-aaa3-da49efd83a80&ssp=between&expires=30&user_group=5&bsw_param=6cb7c9dc-c4fa-434e-886d-1c7105398e76 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=6cb7c9dc-c4fa-434e-886d-1c7105398e76
Request Chain 237
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011858668534036631
Request Chain 238
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUVBrN0Nua0VBQURHdzhGWU1Ldw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 240
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&addseg=19,36,42
Request Chain 241
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 243
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A HTTP 302
  • https://a.audrte.com/p
Request Chain 244
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lKcw_PdE2uWmuUvONxP23y_0l057m0k-~A&gdpr=0&gdpr_consent=
Request Chain 246
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a3b0047c-0d58-4994-b664-453f6a94e715&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6cb7c9dc-c4fa-434e-886d-1c7105398e76&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 248
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YU8gUAAEQinUIAA6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YU8gUAAEQinUIAA6&gdpr=0&gdpr_consent=&_test=YU8gUAAEQinUIAA6
Request Chain 249
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7252582830213713426&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 250
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 251
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:aba65aae-bf6c-4a1d-9971-58e18dbcffc4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 256
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=47575062-1e02-11ec-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=47575062-1e02-11ec-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=y2C%2F4NxE66jf%2FOS0ZjvYpQ& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=y2C/4NxE66jf/OS0ZjvYpQ&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=y2C/4NxE66jf/OS0ZjvYpQ&extra2=aidata&google_gid=CAESEJGrXzE6KeSmH57mgudfTPI&google_cver=1 HTTP 301
  • https://sync.bumlam.com/?src=ggl&extra1=y2C/4NxE66jf/OS0ZjvYpQ&extra2=aidata&google_gid=CAESEJGrXzE6KeSmH57mgudfTPI&google_cver=1 HTTP 302
  • https://an.yandex.ru/setud/adsniper/42d751cbed1f82cd?sign=3661354027 HTTP 302
  • https://an.yandex.ru/setud/adsniper/42d751cbed1f82cd?redir-setuniq=1&sign=3661354027
Request Chain 264
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 267
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/341115 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/341115
Request Chain 269
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=1c5515e0-a932-510c-8278-6f2ce3374f60&expires=60 HTTP 302
  • https://jadserve.postrelease.com/suid/1011?vk=6cb7c9dc-c4fa-434e-886d-1c7105398e76
Request Chain 278
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Request Chain 282
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F1c5515e0-a932-510c-8278-6f2ce3374f60 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/1c5515e0-a932-510c-8278-6f2ce3374f60
Request Chain 287
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1871060359&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1871060359&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=dc36caca-38e7-4351-a00b-62688eb854f9&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MDIwMS4yMDcyNzU6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTpyZXF1ZXN0X2lkPWRjMzZjYWNhLTM4ZTctNDM1MS1hMDBiLTYyNjg4ZWI4NTRmOQ==
Request Chain 289
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1370586794&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1370586794&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=f6a6ea35-56bc-4ceb-bf5a-566801b9e682&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MDIxMi40ODM4ODc6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTpyZXF1ZXN0X2lkPWY2YTZlYTM1LTU2YmMtNGNlYi1iZjVhLTU2NjgwMWI5ZTY4Mg==
Request Chain 295
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=651651275&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=651651275&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=756177a2-be92-499e-b1dd-3f01e09a14d9&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MDIwOS41ODkzNTU6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTpyZXF1ZXN0X2lkPTc1NjE3N2EyLWJlOTItNDk5ZS1iMWRkLTNmMDFlMDlhMTRkOQ==
Request Chain 309
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Request Chain 315
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1444411495&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1444411495&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=1c575732-a48e-426c-b02c-98eb7f2424f6&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MjIzMi4zMDQxOTk6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTFjNTc1NzMyLWE0OGUtNDI2Yy1iMDJjLTk4ZWI3ZjI0MjRmNg==
Request Chain 321
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1894255927&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1894255927&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=4ca06f7c-ffe0-4866-abf0-5ebfad532a2f&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MjI0NS45Nzg1MTY6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTRjYTA2ZjdjLWZmZTAtNDg2Ni1hYmYwLTVlYmZhZDUzMmEyZg==
Request Chain 335
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 336
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7975788851 HTTP 302
  • https://sync.1rx.io/usersync3/centro/1508/no-consent?zcc=0&sspret=1&rndcb=7975788851 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
Request Chain 339
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=TLYMbhNX8FSGhFoCoYtuXio4
Request Chain 340
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 341
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5e3bb289-0f6c-4e5b-b35e-a2e97a086cc4-tuct848a5d5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 343
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8927850195643254724
Request Chain 350
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3196635862961852579 HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7252582830213713426 HTTP 302
  • https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=06c0220402c21fe50e1f718a&gdpr=0&gdprConsent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6623204&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=4b5c71bf-1e02-11ec-a122-f3fe5a1407a4 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent HTTP 302
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=l1a40_7011858672808634824 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.a09d61ea9a2b4445b26cc6ac3bcc1528 HTTP 302
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=6cb7c9dc-c4fa-434e-886d-1c7105398e76&bidswitch_ssp_id=stickyads HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=609746078224&expires=30&user_group=1&ssp=StickyAds
Request Chain 356
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1f2f4917044a5f2f28572734ffc1875&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 357
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent=
Request Chain 365
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pLHl0XgY1Mu7u05&gdpr=0&gdpr_consent=
Request Chain 367
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1E004AB5FABD4A84BCF4E2B19FEF125E
Request Chain 368
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-_HaVIRqTBF4D-21W9jZtFvHdkw
Request Chain 369
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4b5d0d2d-1e02-11ec-9130-efd842e42202&gdpr=0&gdpr_consent=
Request Chain 383
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Request Chain 387
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1994156417&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1994156417&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=3ab1f524-8f5e-480d-9d1c-b2514029c1c4&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3NTYyOC45NTgyNTI6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTNhYjFmNTI0LThmNWUtNDgwZC05ZDFjLWIyNTE0MDI5YzFjNA==
Request Chain 389
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1379518558&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1379518558&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=ab167191-2baf-4019-a184-07eb82387009&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3NTYzMy4wNDA3NzE6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWFiMTY3MTkxLTJiYWYtNDAxOS1hMTg0LTA3ZWI4MjM4NzAwOQ==
Request Chain 395
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=235387362&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=235387362&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=03c27843-e12f-40f4-8754-95a8a43db99c&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3NTY0My4zNTc0MjI6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTAzYzI3ODQzLWUxMmYtNDBmNC04NzU0LTk1YThhNDNkYjk5Yw==
Request Chain 419
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426

415 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set altopeanut514
ask.fm/ 		13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ask.fm/altopeanut514
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.146 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
b8918cf58614d09642498594f4a082de9eb9b07df0419fd70acd1207b79da8de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ask.fm
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Status
410 Gone
Cache-Control
no-cache
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Date
Sat, 25 Sep 2021 13:12:42 GMT
Set-Cookie
locale=de; path=/; expires=Sun, 25 Sep 2022 19:12:42 GMT uuid=7212ab51-33a2-454e-ab85-3fd71008cf91; path=/; expires=Sun, 25 Sep 2022 19:12:42 GMT; secure; HttpOnly country=DE; path=/; expires=Sun, 25 Sep 2022 19:12:42 GMT _m_ask_fm_session=cWduMENQTWxMdHU3M2c2czhKcS9xQmcwYXloTlpSSDJFRTNKbE56SnovOGJ4Z20wSlBmbnp2QlNWVEFQQjR5WjJQTlVMenZDUWRkSlliV1dQYXdmcTlNTTVvMDlIYVB5WDlVK0xsYlhkTXh2YlBSREx0U3psN3gzOFJ1NHViNkxibFhEL3R4UU1URWNzbEZ3WHZwUUZWYnAxSDNxa2hTY3ViWXNDSW5kMTJtWjdxSDFPamJlV1NjZjZJNExHVStNNnBqWFdLM0NRQzhuWVkxVDVPdFhDWVVyZjFmaWZCbURxenE2anc1NFpEUjZmdlJMQXFmZ1c3SjloQ1FjaDhxNy0teFY3MEFFQmlnc0RvSjN6aGhmMEdGdz09--354bae6579a140679f0e706855f9d1adacf67641; path=/; expires=Tue, 28 Sep 2021 13:12:42 GMT; secure; HttpOnly
Server
Ask.FM Web Service
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
d3r6ceqp4shltl.cloudfront.net/assets/ 		205 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3a00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
f35eb63af5172e2882f9880d0668b3517869ae1dcf15cec3b5b4ebd506ffb544
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:00:24 GMT
content-encoding
gzip
vary
Accept-Encoding
age
447138
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Mon, 20 Sep 2021 08:56:03 GMT
server
Ask.FM Web Service
etag
W/"61484ca3-33492"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
NsjDZLf04LM5584ZapfE7uj5YPDfW5daAdWO4t3hI4AkOaq1KI1UIQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
d3r6ceqp4shltl.cloudfront.net/assets/ 		216 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3a00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
68bbd771eecb76f98639a65674facba6df78abad6550a712aff0d30fefe11c71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:00:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
447139
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Mon, 20 Sep 2021 08:56:04 GMT
server
Ask.FM Web Service
etag
W/"61484ca4-35fe0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
ZEc3b03XU8Ca_pCz3PSRlnjaPWWdG7P1Ppa45PYAazR_zMJSSarC9A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
askfm_4249.js
ads.vidoomy.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/askfm_4249.js
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
7cb4560c15852d4f239dbe2b2fb095b3e1dcd15086b7a4307d42ae1e6c20c139

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:43 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5794
account-suspended.gif
d3r6ceqp4shltl.cloudfront.net/images/errors/ 		380 KB
380 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3a00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 15:38:28 GMT
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
age
3274454
x-cache
Hit from cloudfront
content-length
388641
last-modified
Wed, 18 Aug 2021 12:19:47 GMT
server
Ask.FM Web Service
etag
"611cfae3-5ee21"
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
max-age=315360000, public
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
_O3UHgcn70FPlzjjLDwoiKD_73qVQ_eVW2xgvly31h9bFgf5r79FIw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
colossalcoat.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
7a2b9a9375f9ea27cb98d1bcd8181da509b505992571d8d58833cc9e0abba4ce
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"7796c0b3069549379f0bb7e2e12b057a0e4c4c779190a66b7178ee145e3c6d43"
vary
Accept-Encoding, Accept-Language
x-hostname
a26589ac
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sat, 25 Sep 2021 13:12:43 GMT
timing-allow-origin
*
scripts
esputnik.com/scripts/v1/public/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWFlYmU1M2QxYjUyMDE3MzM0OWZhOTIxZGExMGU3OWRmYzEwMDRmMjJhOGU1MzE1ZmJlYTIyZTBhMDMzY2FhODU3ZDgzNTY1MGFhYTM0NjEwNjUzNGMxZTcyMjRhOTU2ODVlYmQ0N2JkZDhlYjZkNmIyMDc0NWFhNDY3YjIyMWI0ODI0NTE2MGY4ZmU1OTY5MDU3In0.G6LVcfCiI7Js2CYtqG0BsrNJdgaviLhvqlodAVkkBkzVwQmSlSOsrIkTvP_QNoXGzaogwOdqcjtaXPMKvwWD0A&domain=1152F29B-9126-4F22-869C-ECC03B33FB2B
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:ac8:b900:f121:163b:7bd1:59c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0df33bbf056c61ab7c3c2d0bbfe612a27d73899ff4e9379a65592d3894209531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Sat, 25 Sep 2021 13:17:43 GMT
tag.js
mc.yandex.ru/metrika/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
br
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Sat, 25 Sep 2021 14:12:43 GMT
160685.jpg
d16vsmxl4d5tw1.cloudfront.net/fa6/d2763/64f4/4cc1/ba69/36138b58fd9c/thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/fa6/d2763/64f4/4cc1/ba69/36138b58fd9c/thumb/160685.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2de6a5c68add58b2ecece8047495cca72871b4155e9d701d45e9620d44160ead

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 12:52:01 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jun 2019 12:13:02 GMT
server
AmazonS3
age
1243
etag
"09b6903a2c9207d35ffe43c64b9958dd"
x-edge-origin-shield-skipped
0
x-amz-version-id
A2RHIhpw5PqYRs5N_Dw_Kb_t.YBxUdPU
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
3515
x-amz-cf-id
2mStQvq8opbC-ou3TJnPiMtMWFj8vYhOocIQHOzoxM7NvjWbC8zIHw==
130072.jpg
d16vsmxl4d5tw1.cloudfront.net/0aa/329be/1af9/456b/8651/dee358178940/thumb/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/0aa/329be/1af9/456b/8651/dee358178940/thumb/130072.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30a39ee37659a4d38954b8fb0ed164bf5ee9114aa32cf5c64f7e790fb08b844a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:01:57 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Sat, 18 May 2019 03:31:52 GMT
server
AmazonS3
age
647
etag
"ea482cd2ce95688a24c91f3b2032101f"
x-edge-origin-shield-skipped
0
x-amz-version-id
GdWVheYS0vdLBvwAIbwaPzO4zw3r5jL3
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
4911
x-amz-cf-id
uvjRanXX-3exXiXndGaVz-EO8Y3NaTvHbUeVoMPBzcEZMVrgjGjnLA==
144463.jpg
d16vsmxl4d5tw1.cloudfront.net/709/732f1/a370/4c88/a877/f67d943add9e/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/709/732f1/a370/4c88/a877/f67d943add9e/thumb/144463.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d82c4f6cf5fc74227860fbeafbd157a5e5205f761cc1285b3d427a48ce6658a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 12:57:24 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Sun, 23 Sep 2018 23:03:31 GMT
server
AmazonS3
age
920
etag
"e127c47257bb61c215b6497e7c0223c0"
x-edge-origin-shield-skipped
0
x-amz-version-id
bjZaO.50vJRUK1uG4QhTYZAQibqPnj21
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
3797
x-amz-cf-id
Zz0xClYdim-aKFJ7-qBNIApbeleqSK8cUvjIoNXMoWZheWf1bMEEXg==
1130929.jpg
d16vsmxl4d5tw1.cloudfront.net/096/d8408/5b73/4984/a8a6/e6c1498b8f1b/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/096/d8408/5b73/4984/a8a6/e6c1498b8f1b/thumb/1130929.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7e6cef2761bf01e8659ae76d9783100e16d3b893510ab94a6e2ac7eb40377fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:04:44 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Mon, 05 Feb 2018 16:23:43 GMT
server
AmazonS3
age
480
etag
"f2243df94f4d0705f797f557b2e32082"
x-edge-origin-shield-skipped
0
x-amz-version-id
qr0PIbEBqam8aMk7h8LbNASfnzlPkju3
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
3846
x-amz-cf-id
-4OpS2yPtOWCYU4QzFycihBioh2SEAE1YurHos9_U_sots1fxvxDSA==
214840.jpg
d16vsmxl4d5tw1.cloudfront.net/13b/8269f/4282/4828/824a/98b5daa062bf/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/13b/8269f/4282/4828/824a/98b5daa062bf/thumb/214840.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bbe871c732e3d6a80d1c16d299bb5359048c2455d6afb8c53df852be0ca7fa4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:44 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Thu, 29 Nov 2018 18:11:31 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"abb593becbf772cfd0c9fbeea32061fd"
x-cache
Miss from cloudfront
x-amz-version-id
wdzUKNbvYxeuE7uSYY0e8ITDvyCLY3J.
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
2470
x-amz-cf-id
7lPmBicm00u4IiSkXBiyFkTQVsK8eh5i03XSYeBKMgs1BRPh5ax3GA==
386511.jpg
d16vsmxl4d5tw1.cloudfront.net/e10/c8aa0/73d3/4e82/ad21/fcdfa6c380c9/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/e10/c8aa0/73d3/4e82/ad21/fcdfa6c380c9/thumb/386511.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30b0f5ab04d24ee07e8852dfd155fe964e0c8ee1d2efdc2c06fa88450cbc48db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 12:41:09 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Wed, 16 May 2018 13:07:21 GMT
server
AmazonS3
age
1895
etag
"7b6f04eab02e18f3afbd3566e598b687"
x-edge-origin-shield-skipped
0
x-amz-version-id
.ZLuUL652IWe74QUsgwXFbJOCP.l68BZ
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
3049
x-amz-cf-id
rEN26C98BMBh3AWnDwoSqnGvwM6Y0PyalJqwq5lOtMt2WMvWn4eNUA==
435638.jpg
d16vsmxl4d5tw1.cloudfront.net/dae/203c3/76a7/4d56/83fd/01610e23800d/thumb/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/dae/203c3/76a7/4d56/83fd/01610e23800d/thumb/435638.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f92887259fd8c11e568ccffd8e8027bc11621beb41f858b3a5a604974d83c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2Bb0rrS7Hj5pMuzvUgGLaVY9zR.4_0UH
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Sat, 19 May 2018 09:18:22 GMT
server
AmazonS3
age
4929
etag
"1d70b981ba750547d1f37597133014d9"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sat, 25 Sep 2021 11:50:35 GMT
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
1318
x-amz-cf-id
oj5_EcSjJdyCZliat3ApYaUekPoQe1G8qcEvzLXw5pXi7_MmsUxI1g==
7632.jpg
d16vsmxl4d5tw1.cloudfront.net/f3e/03245/17f2/4eed/be2a/a134e13199e3/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/f3e/03245/17f2/4eed/be2a/a134e13199e3/thumb/7632.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e478cfc8a02406a1d4faa9ef917ed50aeda52efa3baa501357cf56c382e5db9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:53:09 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Thu, 19 Dec 2019 11:37:52 GMT
server
AmazonS3
age
40775
etag
"02d33c6d5bc713f16d9e0b7b0fc26e1c"
x-edge-origin-shield-skipped
0
x-amz-version-id
25yzLG.2J586UHmg8nUd41cjZTrh_bvg
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
1866
x-amz-cf-id
5q2TE_7_bDf_CfFcJ0VWA5jbLIhmsyHdOAsQ3iCpaOrEJYFWXxilTQ==
184876.jpg
d16vsmxl4d5tw1.cloudfront.net/605/c0607/7eae/45db/924e/edfdf1389ae9/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/605/c0607/7eae/45db/924e/edfdf1389ae9/thumb/184876.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e05d93a1d37f503d61a6549642faf2b4d8088ce93651e6ce3f26e3a931db647

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 12:15:02 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Sat, 27 Apr 2019 14:12:27 GMT
server
AmazonS3
age
3462
etag
"d5496e7a7b1ad605f874f33e29237a5d"
x-edge-origin-shield-skipped
0
x-amz-version-id
2jrV.PothhyBGBWlEj7acWKnHgIFYHX0
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
4161
x-amz-cf-id
TgFFpbwXIr0KLCpJDipKMNlddWLNlVwDwIuhUNv8_nqB5ysE7YZp_Q==
47538.jpg
dbq8hrmshvuto.cloudfront.net/eaf/fa9cc/39ea/4320/a855/357f93c1bbf4/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/eaf/fa9cc/39ea/4320/a855/357f93c1bbf4/thumb/47538.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df1a70cfdd7e2672bc7cce12b5bece1e6bbc6339d2b6a96c9b7d262c880f4b51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
o0Wi1IA0nDqNX3rBO07hPxLdoZFsml9r
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Sun, 21 Jun 2020 15:43:04 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"54c33f9094ba6cb541aa47a925a43773"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sat, 25 Sep 2021 13:12:43 GMT
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
4587
x-amz-cf-id
EgLlXWAtwqC2dCuOmjF31pbTjr4i6rsOeSrf2PiWl1pj1fFh7qkd4Q==
64906.jpg
dbq8hrmshvuto.cloudfront.net/d20/7bc53/f62f/4b8f/849c/ba1469d62ec9/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/d20/7bc53/f62f/4b8f/849c/ba1469d62ec9/thumb/64906.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc48ed93567fdd17b88530b500a6e8f04fc3060039be1f962c399e15c75c990c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:51:46 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Wed, 26 Feb 2020 10:31:52 GMT
server
AmazonS3
age
44458
etag
"aaf8ca758bd967290bcf5a6c0a98968b"
x-edge-origin-shield-skipped
0
x-amz-version-id
k6EswaRqCN_gwEYatrR1MHrIcuPnmnmy
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
4074
x-amz-cf-id
riLFPkb7DJ8RWu-nImOihf7v_Wa57jAlVZ0EuQNPv1Yv9wY7bTWgqw==
884994.jpg
d16vsmxl4d5tw1.cloudfront.net/7be/d1c71/a1f6/4e63/9d24/92cc3e4ba69f/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/7be/d1c71/a1f6/4e63/9d24/92cc3e4ba69f/thumb/884994.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ae66a14d2719ef431b2a12c42371178f9106a06e2d77ca73aaf94c42708aba7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Wk5K6iOBzPZ7KR4rf._Lni0LeB7cXOxH
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Sat, 27 Jan 2018 07:25:25 GMT
server
AmazonS3
age
647
etag
"3c7c23a239c5ffae255390ba73062a46"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sat, 25 Sep 2021 13:01:57 GMT
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
4561
x-amz-cf-id
7jUjw3lEuIv5QTzZLsRYdUNgGYwlwmyZ8tQzf7mc9El2zAUqXrCFIA==
71114.jpg
dbq8hrmshvuto.cloudfront.net/fc0/e2cf8/f401/4f33/bba6/820fd01d8237/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/fc0/e2cf8/f401/4f33/bba6/820fd01d8237/thumb/71114.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64c7407a3b9548eec5138fc967b065c1df48b277bf8436496c2bf871f8a4cef3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:44 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Thu, 13 Aug 2020 11:57:16 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"69071aefb0ff17cd495bf033dab800b5"
x-cache
Miss from cloudfront
x-amz-version-id
zwFW6tViqdZhgKZUNRcwq5AnBsbREbn0
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
2240
x-amz-cf-id
Kgrk0emr1x9YoLvMm6AzOelyt1TuLMZ8BJb_VvaCF3-bN1TOUz2PCQ==
113477.jpg
d16vsmxl4d5tw1.cloudfront.net/b56/b1387/3894/49a2/9a0c/974b77880ffd/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/b56/b1387/3894/49a2/9a0c/974b77880ffd/thumb/113477.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bb357f0dfb332bb81d3cbd3854e2dd6173964ebd57892914a506f89db45176d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ibfc6YHlVFWl5bWli6SmK4XMu_eTHzYo
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Sun, 21 Jul 2019 21:01:51 GMT
server
AmazonS3
age
402
etag
"4e66aef5358b4c3d35ead8009d8085fe"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sat, 25 Sep 2021 13:06:02 GMT
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
2266
x-amz-cf-id
mMPP8qQnvZ61EBZTPy6mKXy1_gxJn6olKkomTQFIZY_A_Cduv37jsg==
36050.jpg
d16vsmxl4d5tw1.cloudfront.net/ab1/4b9d5/a539/47e8/80cd/12a75ae2590e/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/ab1/4b9d5/a539/47e8/80cd/12a75ae2590e/thumb/36050.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1afc2b50436db59bfc667a608d21b51d7865628c8e20dfb816648ea2bb702a93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:31:17 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Fri, 06 Sep 2019 01:10:20 GMT
server
AmazonS3
age
45687
etag
"2d9ccfdaceada951a29d95c2ba67cd7b"
x-edge-origin-shield-skipped
0
x-amz-version-id
S7OfKBXqJl.HFxrIg8rBpnhZiWsuqDqc
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
3814
x-amz-cf-id
vF-StxpizVdqXefARxDXq2mwPu9cfoqOKWJj1cZgSVHYGGz6Wo8xPA==
183120.jpg
d16vsmxl4d5tw1.cloudfront.net/274/0f175/0e03/4a1a/a84d/e3eca3e6d987/thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/274/0f175/0e03/4a1a/a84d/e3eca3e6d987/thumb/183120.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32d509af247e77213914f337d5aca5a56c0b7fcb3888821d4c2cfd68a7d2e851

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6fTh103Gu0r1GUrMnfsKAM6nriSmUE29
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Tue, 25 Dec 2018 11:34:47 GMT
server
AmazonS3
age
29190
etag
"a9ec996da5207893cfa453ca6a142862"
x-edge-origin-shield-skipped
0
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sat, 25 Sep 2021 05:06:14 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
3351
x-amz-cf-id
UT-brK39OqPzjKeNzngmFyH8xaAJTti7rhgUk4dpjDSIkF0PoF9mJg==
371507.jpg
d16vsmxl4d5tw1.cloudfront.net/c8e/88fbb/9f38/4e12/a349/219fdf0ac40a/thumb/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/c8e/88fbb/9f38/4e12/a349/219fdf0ac40a/thumb/371507.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f3552801b441666b9d584a2f7170a21117877d1b8127e4aed9ebb10e14be1ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:08:09 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Tue, 15 May 2018 16:24:04 GMT
server
AmazonS3
age
275
etag
"c049d057813f99325f2a5358d9ac9d78"
x-edge-origin-shield-skipped
0
x-amz-version-id
fuNn6laZlSwFWXjwmE7.0qthSiPE6fZO
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
5703
x-amz-cf-id
DwM2HylHphfZqQKr17DTi7cffbaJ93wqiC0cz528MHa909qeMMozfg==
533018.jpg
d16vsmxl4d5tw1.cloudfront.net/645/a300e/846b/4e30/b1f3/b454c40a3ced/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/645/a300e/846b/4e30/b1f3/b454c40a3ced/thumb/533018.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba6ea4d92a71a77082b60c3541215068fe83a64339a48725f91b5f7a44ca0650

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eWpDH10zXJODQ_XVykXnGnk52zd1nmam
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Sat, 07 Jul 2018 22:05:26 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"845171f31f5be466e74d853dcc7d43ec"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sat, 25 Sep 2021 13:12:43 GMT
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
2223
x-amz-cf-id
n4RUQuQD8t28ehK0odXEBipIO_Jmr1euMM2SPuCnMOGFg4tZNtCiQw==
229167.jpg
d16vsmxl4d5tw1.cloudfront.net/cbf/d82e8/5ea1/439e/93a3/9ee856775cc5/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/cbf/d82e8/5ea1/439e/93a3/9ee856775cc5/thumb/229167.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1749a7be158b3b2b580581409bfb965170d3d6bda8300e4e72798ffd0c520c98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 12:28:02 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Thu, 24 May 2018 21:35:34 GMT
server
AmazonS3
age
2682
etag
"56999983c8d99b2d215b721ddc72324a"
x-edge-origin-shield-skipped
0
x-amz-version-id
6UVw8Gy4YRE1PS49W6kfbRWtMZmfNQ1O
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
4377
x-amz-cf-id
gfLv25JSXbflq-gkNl92jJjcgVcLlHtTNo_Z3kDtncIU3mWN3Kd1qg==
236402.jpg
d16vsmxl4d5tw1.cloudfront.net/f22/62e5f/ca02/4a93/bae4/3b82c8d174f1/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/f22/62e5f/ca02/4a93/bae4/3b82c8d174f1/thumb/236402.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ddb1c007f4d1d0158b68c9c17475e0e10e92ed653e2a802aaed0d9738b18476

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 02:43:14 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Wed, 10 Oct 2018 03:01:46 GMT
server
AmazonS3
age
37770
etag
"a264e96d22753b78fbe49f5bb6fd529b"
x-edge-origin-shield-skipped
0
x-amz-version-id
LNGhNoiyWZt8zSaVuQYFx8Lk5SAEOYbc
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
4034
x-amz-cf-id
VHKIQNXs25sbDOVtAXIpzbTR99-PAZ1mHLIR2iqgO3u2zbhbi4nzrg==
32798.jpg
d16vsmxl4d5tw1.cloudfront.net/904/b4d92/5d52/41f2/b175/24edef009d5d/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/904/b4d92/5d52/41f2/b175/24edef009d5d/thumb/32798.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2159cce3f11b76a8e92d490b1dfa6c5e7acd330eb75d44ff3dfbe9107229d81a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:08 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Sun, 01 Dec 2019 08:54:03 GMT
server
AmazonS3
age
36
etag
"681cf6db2fbc8f2d1402889d40d95790"
x-edge-origin-shield-skipped
0
x-amz-version-id
DtNT4tlZasu_2_CW63VjiWY6m2pIiV1b
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
2374
x-amz-cf-id
CTdVvODRfiAUJkGqHbQEd2rXtaxtz7fdmFURBjgcSZ2ahqTOmG-3sQ==
640338.png
d16vsmxl4d5tw1.cloudfront.net/ab6/f98e2/5e73/400f/95de/9f15ed19731c/thumb/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/ab6/f98e2/5e73/400f/95de/9f15ed19731c/thumb/640338.png
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
314f77ceb6eeb867506034066927d975a3619c9decd8a952150949f822e1d6ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZIZZ3EhCbdxqhI5.SHrLdwmUhhWBdQkg
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Tue, 29 May 2018 16:52:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"8f9c1b509ab5fafc1414256c22a314a0"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sat, 25 Sep 2021 13:12:43 GMT
accept-ranges
bytes
content-length
6809
x-amz-cf-id
fR9YcuyT-RnxpapLVUWmXbrkgcbBPVKCyVpROkmFYDx2v05xK5mf0w==
593866.jpg
d16vsmxl4d5tw1.cloudfront.net/5af/43bec/d285/40a2/813e/64eda8be8313/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/5af/43bec/d285/40a2/813e/64eda8be8313/thumb/593866.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99de1d50a2476ef2e1ccd8f8ea6102fbb9bccfba323d5cf6e2e8e2b49382b0c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 11:34:48 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jul 2018 14:42:53 GMT
server
AmazonS3
age
5876
etag
"e5d7801daa3aebd961d03c372d3c5dba"
x-edge-origin-shield-skipped
0
x-amz-version-id
avhXXdaAwwJUtLHQojXeOljS9lSPvuMZ
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
2113
x-amz-cf-id
qNAqnwDqDcY1hne8yswbqbRMEgp2Z2Yk6JUTdEXHrnwvi0nb5-qLUw==
71108.jpg
dbq8hrmshvuto.cloudfront.net/b1f/3257d/81d1/492c/9dc6/35081147070e/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/b1f/3257d/81d1/492c/9dc6/35081147070e/thumb/71108.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b83d2ea80784c796b721c442b1a443b6c4a44a483bec7d9559c52e9e295a260c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:01:57 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
last-modified
Fri, 29 May 2020 23:46:28 GMT
server
AmazonS3
age
647
etag
"59707865aa09fc2a7584d380e645855a"
x-edge-origin-shield-skipped
0
x-amz-version-id
Xz0DXuQ.45PJ0XJ1hS.CtpUhRT_sxjPQ
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/jpeg
content-length
2745
x-amz-cf-id
Yt1fYOqhrsVU9QUKSG53xCFxrMXGhGC_Cy7bEIX2Gm7SgT1ig-I_YA==
175011.jpg
d16vsmxl4d5tw1.cloudfront.net/5a3/c0377/6b52/49ac/abcb/8cbc9343ed0b/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/5a3/c0377/6b52/49ac/abcb/8cbc9343ed0b/thumb/175011.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d400:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55f985c3d95828387a6f6b849967cca181390bee6da483faa8ee301b871c5e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 06:55:37 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335955.cloudfront.net (CloudFront)
last-modified
Sat, 06 Oct 2018 03:43:55 GMT
server
AmazonS3
age
22627
etag
"837a905a23558cedfee11dee000ff9a8"
x-edge-origin-shield-skipped
0
x-amz-version-id
pdqJno_2IbWIyO6v9TIe8izcLG.JzuZq
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
image/jpeg
content-length
2336
x-amz-cf-id
Zlei-veFjtFsgEMq3S5qaSZdAm8A7uCK7qUCVA2ubi-fgGB0t82qnQ==
fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3a00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
age
1298314
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
17880
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-45d8"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
jeB9FyK8wU5nnPRHqb7KIqDbCGeISTrHWGtTRW0R4jlAJQS3XPExHA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3a00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
age
1298314
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
25400
last-modified
Fri, 10 Sep 2021 12:31:22 GMT
server
Ask.FM Web Service
etag
"613b501a-6338"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
Y8aKw8RziAFd445mUZPDzf30ZFQ-0UvEL1E28X9BLbimFb4pFXsa2A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3a00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
age
1298314
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
52204
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-cbec"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
-2Y82DlDvd6BmXPmc-yQ8YkFyNhrnBB8E2tj5CsVnYCfpqVSnJ31bA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.141.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-141-213.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
16116046
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9407.Knz4Q14aRujl8xqCW9eruJ3-kfgu8aOD-EwRcBl18iUgMijaREvdlpBOCS9WAWCE.JsNvVR6i_4fiWk6jtJjtSZc-cvs%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9407.d8J2rl4FBnTh7UFITl6Hy1RnKFf1dwPFqXrhB_4fcLWuRtxveJR0wLq6iv-KNtEbfZqfLdbHkXuJbSj2O1W68Q%2C%2C.wuZvn-hM2858jslVTn06-NrkBJs%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9407.d8J2rl4FBnTh7UFITl6Hy1RnKFf1dwPFqXrhB_4fcLWuRtxveJR0wLq6iv-KNtEbfZqfLdbHkXuJbSj2O1W68Q%2C%2C.wuZvn-hM2858jslVTn06-NrkBJs%2C
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9407.d8J2rl4FBnTh7UFITl6Hy1RnKFf1dwPFqXrhB_4fcLWuRtxveJR0wLq6iv-KNtEbfZqfLdbHkXuJbSj2O1W68Q%2C%2C.wuZvn-hM2858jslVTn06-NrkBJs%2C
date
Sat, 25 Sep 2021 13:12:43 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 25 Sep 2021 14:12:43 GMT
1
mc.yandex.com/watch/48953915/
Redirect Chain
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1010%3Afu%3A0%3Aen%3Autf-8%...
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1010%3Afu%3A0%3Aen%3Autf-...
383 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1010%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1424243023836%3Ahid%3A795551383%3Az%3A0%3Ai%3A20210925131243%3Aet%3A1632575563%3Ac%3A1%3Arn%3A712893797%3Arqn%3A1%3Au%3A1632575563880604643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632575562046%3Ads%3A13%2C300%2C154%2C91%2C0%2C0%2C%2C124%2C6%2C%2C%2C%2C927%3Adsn%3A13%2C300%2C154%2C91%2C0%2C0%2C%2C366%2C6%2C%2C%2C%2C927%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632575563%3At%3AAccount%20Suspended%20-%20Ask.fm
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
04a5c3929b45f8cfac7fb2fb1da040c0025cc14c915d06998341df2478a0d3b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:43 GMT
x-content-type-options
nosniff
last-modified
Sat, 25-Sep-2021 13:12:43 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
383
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 13:12:43 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:43 GMT
last-modified
Sat, 25-Sep-2021 13:12:43 GMT
location
/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1010%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1424243023836%3Ahid%3A795551383%3Az%3A0%3Ai%3A20210925131243%3Aet%3A1632575563%3Ac%3A1%3Arn%3A712893797%3Arqn%3A1%3Au%3A1632575563880604643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632575562046%3Ads%3A13%2C300%2C154%2C91%2C0%2C0%2C%2C124%2C6%2C%2C%2C%2C927%3Adsn%3A13%2C300%2C154%2C91%2C0%2C0%2C%2C366%2C6%2C%2C%2C%2C927%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632575563%3At%3AAccount%20Suspended%20-%20Ask.fm
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 13:12:43 GMT
formats.js
ad.lkqd.net/vpaid/ Frame 7F61 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1632575563.cds167.fr8.hn,1632575563.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 2380 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1632575563.cds167.fr8.hn,1632575563.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame 47BC
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.1.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-1-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method
GET
:authority
a.vidoomy.com
:scheme
https
:path
/api/rtbserver/cookie?i=CEN&uid=no-consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-type
image/gif
content-length
43
content-encoding
none
set-cookie
vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzNTE2NzU2M319fQ==; Path=/; Domain=vidoomy.com; Expires=Sun, 25 Sep 2022 13:12:43 GMT; Secure; SameSite=None
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Sat, 25 Sep 2021 13:12:42 GMT
server
AC1.1
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=983210265.31752251653087263.7353657
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=983210265.31752251653087263.7353657
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6cb7c9dc-c4fa-434e-886d-1c7105398e76&ssp=vidoomy&gdpr=&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6cb7c9dc-c4fa-434e-886d-1c7105398e76&ssp=vidoomy&gdpr=&gdpr_consent=
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:43 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6cb7c9dc-c4fa-434e-886d-1c7105398e76&ssp=vidoomy&gdpr=&gdpr_consent=
date
Sat, 25 Sep 2021 13:12:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1251127362
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1251127362
  • https://sync.1rx.io/usersync/tradedesk/2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9
  • https://sync.targeting.unrulymedia.com/csync/RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-c91a1d0f-81a0-4258-a831-9ec...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.1.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-1-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
date
Sat, 25 Sep 2021 13:12:43 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc91a1d0f81a04258a8319ecf1e8e2183003
content-type
text/html
auto-user-sync
ads.stickyadstv.com/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: ask.fm
URL: https://ask.fm/altopeanut514
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:43 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1632575563398092-380
Expires
Sat, 25 Sep 2021 13:12:43 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 14DB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632575563.cds167.fr8.hn,1632575563.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 7F61 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=51381466&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
adbc9685db0316498266b865741db1abdf081c46302e93cd65c92dd641cff408

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1359
usync.html
ad.lkqd.net/cookie-sync/ Frame 3CA4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632575563.cds167.fr8.hn,1632575563.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 2380 		180 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148643&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=36176361&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:44 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
cs
cs.lkqd.net/ Frame 14DB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 14DB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 14DB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 14DB 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 14DB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7324640424251641362
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7324640424251641362
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7324640424251641362
pragma
no-cache
date
Sat, 25 Sep 2021 13:12:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 3CA4 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3CA4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3CA4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3CA4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3CA4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
pragma
no-cache
date
Sat, 25 Sep 2021 13:12:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 5D0D 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 66E0 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632575563.cds167.fr8.hn,1632575563.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07d140e4095dbf0e94f48de1afe2802a5ca80294391021e5eb3d179008e3c154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
oO5OUPq1ZhwG8IADmnEJDQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
jzFmhSF8dsc/EwHwIFK6H+4UoV7/0jz+zuEP9pt9QoyFDia6ln/ZXKFImGEPb3D55X2kmeh4/XiltKPBozcj7Q==
x-fb-trip-id
2050670934
x-fb-content-md5
a38e74786143de152001cd4d886b27a7
x-frame-options
DENY
date
Sat, 25 Sep 2021 13:12:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e619631083b3085935bfa495a10c317a"
timing-allow-origin
*
expires
Sat, 25 Sep 2021 13:22:03 GMT
gtm.js
www.googletagmanager.com/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bc00bb1c55ec57faf9147bc31e205478a39ff0f5c4077ea8e61cbddbb1b7c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40251
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 25 Sep 2021 13:12:43 GMT
3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
cmp.optad360.io/items/ 		2 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:11:27 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 09:49:58 GMT
server
AmazonS3
age
77
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2
x-amz-cf-id
z4XUs48zlAe1eiHc4Gx17eQPyJFSIu3L2RYwZHXEeO4rbacC5TmLGg==
plugin.min.js
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a76103406e7e58113441df8f2771a0f85544abb8f4abbf2ada5639b7326b659

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 12:37:43 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 14:22:28 GMT
server
AmazonS3
age
2101
etag
W/"4074a1126a14c337156303ffa83e7e61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
mZsNOFNprAP9OlgKdfVdeDipPzBjWSxTTkOJ2b-QcldP_fJ0CA3U9A==
v2xskCjuMasRbnoJ1BgR9c9x4LGVn06Pn48-bhucbeiInBbRxaWi0rmzduHJHLDZYkLUPgvjdFQsWN1MS0w
colossalcoat.com/ 		216 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2xskCjuMasRbnoJ1BgR9c9x4LGVn06Pn48-bhucbeiInBbRxaWi0rmzduHJHLDZYkLUPgvjdFQsWN1MS0w
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
c554bac50b53c2727fba8263520eefa48b3cd84500878309dd5d24f7ada47bb1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sat, 25 Sep 2021 13:12:43 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Sat, 25 Sep 2021 13:12:42 GMT
Cookie set jsperf
ask.fm/track/ 		0
941 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/track/jsperf?dns=13&tcp=300&tfb=470&req=245&dom=1014&all=1828&pid=profile%2Fanswers
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.146 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
locale=de; uuid=7212ab51-33a2-454e-ab85-3fd71008cf91; country=DE; _m_ask_fm_session=cWduMENQTWxMdHU3M2c2czhKcS9xQmcwYXloTlpSSDJFRTNKbE56SnovOGJ4Z20wSlBmbnp2QlNWVEFQQjR5WjJQTlVMenZDUWRkSlliV1dQYXdmcTlNTTVvMDlIYVB5WDlVK0xsYlhkTXh2YlBSREx0U3psN3gzOFJ1NHViNkxibFhEL3R4UU1URWNzbEZ3WHZwUUZWYnAxSDNxa2hTY3ViWXNDSW5kMTJtWjdxSDFPamJlV1NjZjZJNExHVStNNnBqWFdLM0NRQzhuWVkxVDVPdFhDWVVyZjFmaWZCbURxenE2anc1NFpEUjZmdlJMQXFmZ1c3SjloQ1FjaDhxNy0teFY3MEFFQmlnc0RvSjN6aGhmMEdGdz09--354bae6579a140679f0e706855f9d1adacf67641; _ym_uid=1632575563880604643; _ym_d=1632575563; _ym_isad=2; _ym_visorc=w
Connection
keep-alive
Referer
https://ask.fm/altopeanut514
Accept
*/*
Referer
https://ask.fm/altopeanut514
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:43 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Status
204 No Content
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Sun, 25 Sep 2022 19:12:43 GMT _m_ask_fm_session=V3l3VDJMT1BZdGIrcDEvek5ob2lldHVmemRNazNnMXhnZDRxMERZakFaNVh5Mk1za0JMQUo0bi9wRTRPcFRkbE51MW9kQlFxY0w3K0k2RVNob1RjamdtSFBRZlJZVlJFTG8zYzRHeTNqVVQ2S05VUGhjbkdRVnpMbHpTUmNDclpXQzFWQm5LMmxMalJvUUFPclZmSXNXbXZNVWt2V0ZEUWRxZHBUWU5BUEFBTERTL0VDcVNvT285b1BqQXF1WmJubFQra3lMaVFqTUVTOTZUQmhOelFScDJ3bmRERXcwcmszVVBuOVlNRUxNMVdOd0E1NEFORE92T0U3alovb05sSS0tVDhpL2xmUVVEOW50OVFkKzl5NXdFdz09--a0ecb5fba6d58205f4447c21fd3bdc222325994a; path=/; expires=Tue, 28 Sep 2021 13:12:43 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
usync.html
ad.lkqd.net/cookie-sync/ Frame D714 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632575563.cds167.fr8.hn,1632575563.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=51381466&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:44 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 66E0 		114 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=51381466&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
c325f1778c0ee3e96d486ec7f8a42be00abcbc8021ab2f3895cb9e3e32b3baa1

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 Sep 2021 13:12:44 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
7550
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sdk.js
connect.facebook.net/en_US/ 		268 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e9c733e27e5e709e24760e5da743125e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a08aba11eb61d250c65f1ce34b25789f47e322460a0ba713c42b6ba2748610e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tFGe9eKnuCynJWM1CCxdpA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77570
x-fb-rlafr
0
x-fb-debug
lr+iVb6/4MUr+EEOcQS5mnUyOn2B5MS6HUV7011deNTeXIqOE8AUALtVlkPSeg61lx39Tal1ICDYo1S6ae+7JQ==
x-fb-trip-id
917726464
x-fb-content-md5
2bf1989755be80c7b43d84979fb48c3c
x-frame-options
DENY
date
Sat, 25 Sep 2021 13:12:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"9e174a0c68648f9054e61c0f63c79a99"
timing-allow-origin
*
priority
u=5,i
expires
Sun, 25 Sep 2022 12:41:05 GMT
v2hrs5PPZ2DPDI2Wa3BlYY13aLPczqAUbo7H7fH46Xz22cvWVXbNQtTrmhItTeNcs7RDCwkuoNBBCOEy6PQ
colossalcoat.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2hrs5PPZ2DPDI2Wa3BlYY13aLPczqAUbo7H7fH46Xz22cvWVXbNQtTrmhItTeNcs7RDCwkuoNBBCOEy6PQ
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sat, 25 Sep 2021 13:12:43 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
x-hostname
a26589ac
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
cs
cs.lkqd.net/ Frame D714 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D714 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D714 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D714 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D714
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
pragma
no-cache
date
Sat, 25 Sep 2021 13:12:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1243
date
Sat, 25 Sep 2021 12:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 25 Sep 2021 14:52:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Faltopeanut514&rl=&if=false&ts=1632575564035&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 25 Sep 2021 13:12:44 GMT
collect
www.google-analytics.com/j/ 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=562247704&t=pageview&_s=1&dl=https%3A%2F%2Fask.fm%2Faltopeanut514&ul=en-us&de=UTF-8&dt=Account%20Suspended%20-%20Ask.fm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=721874539&gjid=397134650&cid=439242087.1632575564&tid=UA-12308109-15&_gid=933855381.1632575564&_r=1&gtm=2wg9m0NDJVZHZ&z=1052157053
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-12308109-15&cid=439242087.1632575564&jid=721874539&gjid=397134650&_gid=933855381.1632575564&_u=YEBAAEAAAAAAAC~&z=1515877069
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 25 Sep 2021 13:12:44 GMT
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 4156 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 9CFD 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
prebid4.39.0.js
get.optad360.io/sf/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid4.39.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 23:09:47 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 10:44:35 GMT
server
AmazonS3
age
1519377
etag
W/"e020700f5effdce1f4be56434553da72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
TUHxs7llIHNStYRXhyfl-hyNkvgvtVWwowXGLaqqVilBUBYkE4p5NA==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1625
date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
gzip
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210925
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8d766a9a8cba29e030ed823e1cb7797fe855542c31cfa6e8786738cc4ee9172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
35034
x-jsd-version
1.0.1110
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
952
etag
W/"695-HhUJ4couHeu7Ei08//CtsL9+X8c"
x-served-by
cache-fra19125-FRA
x-jsd-version-type
version
date
Sat, 25 Sep 2021 13:12:44 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 Sep 2021 13:44:43 GMT
server
cloudflare
age
6
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6944817c48bbd709-FRA
x-amz-request-id
2T3ADNM0NA6XVJTY
x-amz-id-2
jfJxyshidfcTxFueSvcRLpZDL5svkJH7V5xVWWKPLBAqwrRRvGkDD6FTjU7Ytu9bd2Xme4HjNt4=
expires
Sat, 25 Sep 2021 13:42:44 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=OjwDIHx0S0taazlFU0lCWjkxcEdpMDlzc1NYN2VtS2Jub3ZpYzdQOTJxNFZ0UWNndnp6VndpNEQ5ZksxS01jbmsxcU9FdWExYVFMOXBvVlZzVzdDWkxDSlRYRGVIZjQ5d3JWQ3NiMFZKL2JQYnlBL3hGazdDUVR6T0JpTm...
320 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OjwDIHx0S0taazlFU0lCWjkxcEdpMDlzc1NYN2VtS2Jub3ZpYzdQOTJxNFZ0UWNndnp6VndpNEQ5ZksxS01jbmsxcU9FdWExYVFMOXBvVlZzVzdDWkxDSlRYRGVIZjQ5d3JWQ3NiMFZKL2JQYnlBL3hGazdDUVR6T0JpTmJKRHgybU5FcHlMYjRhSFZKaE5LTlY3dTV2L2U4Nk51S1ExOWNUV0EwNTNPTWdRMG9INFN2VjhWWTZoZWZySjVIbXc1VkF2bTZSempuRnR6K2Y4c1d3QUhUWWxGRnpGQW5EcFo3OUVPem9pWi9ia2xBNjRzPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
33ad61b981423855627cbdbb04d5af871f33b2ab236b4a83677af032f3ab4988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 25 Sep 2021 13:12:44 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1813
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 25 Sep 2021 13:12:43 GMT
location
https://mug.criteo.com/sid?cpp=OjwDIHx0S0taazlFU0lCWjkxcEdpMDlzc1NYN2VtS2Jub3ZpYzdQOTJxNFZ0UWNndnp6VndpNEQ5ZksxS01jbmsxcU9FdWExYVFMOXBvVlZzVzdDWkxDSlRYRGVIZjQ5d3JWQ3NiMFZKL2JQYnlBL3hGazdDUVR6T0JpTmJKRHgybU5FcHlMYjRhSFZKaE5LTlY3dTV2L2U4Nk51S1ExOWNUV0EwNTNPTWdRMG9INFN2VjhWWTZoZWZySjVIbXc1VkF2bTZSempuRnR6K2Y4c1d3QUhUWWxGRnpGQW5EcFo3OUVPem9pWi9ia2xBNjRzPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1802
content-length
482
expires
0
c
prebid.a-mo.net/a/ 		861 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4e7319f8ff0f923e2ce6a2f45f74e44bbf0dfadea838622f297f2af25d9999e9

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
55
content-length
355
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ask.fm
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adjson
ads.betweendigital.com/ 		2 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		19 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:44 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a7da0f0b-bca8-4a0e-b17d-d27830dab576
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:44 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
54cf3e49-d204-415d-a97b-2c378ad9d700
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apacdex
useast.quantumdex.io/auction/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 25 Sep 2021 13:12:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
cf-ray
6944817c6c4a4e56-FRA
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
f5daebcd751b921440ab5818108ea8c2cbc3e54e7591be583271e54c2725cf5f

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:43 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b15%3b77
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v2
i.connectad.io/api/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 25 Sep 2021 13:12:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6944817c6cda0601-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
adx.adform.net/adx/ 		5 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPWNiZjRhOTE0LWVlM2ItNDE4MC04ZTUyLTU1MWQ2OTQzMDI4ZiZyY3VyPVBMTg%3D%3D&pt=gross&stid=76027130-49e7-4f50-a063-eb552ccbb612&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:44 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cygnus
htlb.casalemedia.com/ 		25 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22197375721ce4444%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Faltopeanut514%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22207f56309469d5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22207f56309469d5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22207f56309469d5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
93cff6995d60ec3d36611f197cbf8bdcde74aa2e62d6091fe877d0e5055346c8

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:44 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.76], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ask.fm
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
43
x-ak-client-geo
12
expires
Sat, 25 Sep 2021 13:12:44 GMT
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dce90c8d06a68d557afc87d1783527292438bda3950121393107dcb663dae07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:44 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
84282
x-amz-request-id
CNRGFM9Z8PRR9JBY
x-amz-id-2
n7qrxCVm49XhOvATybVxMFIY7ETqYAXMxDKOkZyeDkmWK3DBJkDcX/kHr6yqtx8RrHbm/n8pP0M=
last-modified
Fri, 24 Sep 2021 13:44:41 GMT
server
cloudflare
etag
W/"6cbe4a566109f9ab6c378764f4c5ba22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
6944817c8a1c5c56-FRA
expires
Sat, 25 Sep 2021 13:42:44 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OjwDIHx0S0taazlFU0lCWjkxcEdpMDlzc1NYN2VtS2Jub3ZpYzdQOTJxNFZ0UWNndnp6VndpNEQ5ZksxS01jbmsxcU9FdWExYVFMOXBvVlZzVzdDWkxDSlRYRGVIZjQ5d3JWQ3NiMFZKL2JQYnlBL3hGazdDUVR6T0JpTmJKRHgybU5FcHlMYjRhSFZKaE5LTlY3dTV2L2U4Nk51S1ExOWNUV0EwNTNPTWdRMG9INFN2VjhWWTZoZWZySjVIbXc1VkF2bTZSempuRnR6K2Y4c1d3QUhUWWxGRnpGQW5EcFo3OUVPem9pWi9ia2xBNjRzPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
964
date
Sat, 25 Sep 2021 13:12:44 GMT
content-encoding
gzip
vary
Accept-Encoding
/
adx.adform.net/adx/ 		65 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Faltopeanut514
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:45 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008109147015,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C22256185252241000081091470...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1448637084&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008574259597%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:45 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000325
X-SpotX-Timing-SpotMarket
0.011528
X-SpotX-Timing-Page-Mux
0.000346
X-SpotX-Timing-Page-Require
0.000704
X-fe
001
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000035
Content-Length
77
X-SpotX-Timing-Page
0.017398
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000301
Last-Modified
Sat, 25 Sep 2021 13:12:45 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.011528
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.004148
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=991000461&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
/
adx.adform.net/adx/ 		65 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Faltopeanut514&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:45 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1210203449&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=504881260&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&pet=preroll&gdpr=0&gdpr_consent=&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C9060699902225618525224100008,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
229114c7da680c5754f79632cbcc36bdf0832ee6ff95a957eb59591f7bb03500

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:45 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1156
x-sticky-vk
1632575564938062-530
Expires
Sat, 25 Sep 2021 13:12:45 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		993 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C16697977432225618525224100008%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
624e3a8a4fccdc7226542878c9e3332b48be58c42e4c7215494d24ea9d6555d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:45 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
609
expires
Sat, 25 Sep 2021 13:12:45 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C10306161222225618525224100008,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d9223317540e41ae188075f793640d1251a6c92d22dca8195b231a14e1203d29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:45 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632575565065003-579
Expires
Sat, 25 Sep 2021 13:12:45 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C22256185252241000081620547424%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
142613c9f77bca8b28ce502b83a412e3b65e3f7cf39779d2574a0c84beea34d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:45 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1192
x-sticky-vk
1632575564937063-505
Expires
Sat, 25 Sep 2021 13:12:45 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008471406773%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ad197b69029f51b0fda3a18915d39d375430b314eb82551e5388120efa1e108f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:45 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1632575564989031-344
Expires
Sat, 25 Sep 2021 13:12:45 GMT
vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=1554178390&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
b81f4c7a44abb261a20210f925bf126d839d0e730d34976f5deae7e13bb6f295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
909
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=281571366&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
av
vidoomy-d.openx.net/v/1.0/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008109147015,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C22256185252241000081091470...
48 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008109147015,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:45 GMT
content-encoding
gzip
server
OXGW/16.216.3
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 25 Sep 2021 13:12:45 GMT
via
1.1 google
server
OXGW/16.216.3
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008109147015,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
content-length
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:45 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 9CFD 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:45 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_68c68ea6.js
vpaid.springserve.com/production/ Frame 8034 		491 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:36:21 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 17:34:44 GMT
server
AmazonS3
age
243385
etag
W/"c41b3f31e617ac05abbd6b79785bd64a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
jYJaaGTG0uQXRPfYEuEN516ZvmLd_CNgCDza1xH9CVF2Ne5v70xn7g==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
async_usersync.html
acdn.adnxs.com/dmp/ Frame 61E8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 23 Sep 2021 04:19:37 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 25 Sep 2021 13:12:45 GMT
Age
31984
X-Served-By
cache-lga21939-LGA, cache-fra19141-FRA
X-Cache
HIT, HIT
X-Cache-Hits
3, 228832
X-Timer
S1632575566.781842,VS0,VE0
Vary
Accept-Encoding
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 8034 		963 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575564515,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
93ac3ea7b416e629030cc10f62f72533869a5679a1e2b4c20106ab6ff90d1e89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:45 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
591
expires
Sat, 25 Sep 2021 13:12:45 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 8034 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 8034 		19 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:45 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c49f124d-3a59-4d89-ac2f-7238aa3f0c32
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8034 		19 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:45 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
62c78bbf-4352-4286-b4ca-f1fb14c3580a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8034 		19 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:45 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
04e2e914-3a84-4f7f-b20a-33d307580b0f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 9CFD 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:45 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:45 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame C44F 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575564515,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:45 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 118D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575564515,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=97442
expires
Sun, 26 Sep 2021 16:16:47 GMT
date
Sat, 25 Sep 2021 13:12:45 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C44F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575564515,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:45 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=97442
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Sun, 26 Sep 2021 16:16:47 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=795551383&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&rn=653282603&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1632575566%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925131245%3Au%3A1632575563880604643%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632575566
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:45 GMT
last-modified
Sat, 25-Sep-2021 13:12:45 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 13:12:45 GMT
bounce
ib.adnxs.com/ Frame 61E8
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:46 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
702c63fa-4d28-4e1c-b1b8-1de6eb135b9f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:45 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d20ecb77-500e-4c92-9bd5-488abd966369
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 118D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74919552&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c6dc5ae6970d1eb42628f77cddb9fbec3bbe5f5d68f7d5bd4de57d7090e00159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:45 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 3610
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:46 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5262850625112599127; expires=Wed, 24 Nov 2021 13:12:46 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 25 Sep 2021 13:12:46 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Mon, 25 Oct 2021 13:12:46 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 7636
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=987620221106058175
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=987620221106058175
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=987620221106058175
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; chkChromeAb67Sec=1; DPSync3=1633737600%3A201_197_219%7C1632614400%3A174; SyncRTB3=1633737600%3A13_7_8_220_21_56_3_54_161%7C1633824000%3A35; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PugT=1632575566; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-987620221106058175; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 13:12:46 GMT; path=/ PugT=1632575566; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 13:12:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:46 GMT; path=/
x-lat
lhrpug009:0:465
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=987620221106058175
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame C957 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 25 Sep 2021 13:12:45 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sat, 25 Sep 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
550595
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 118D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_r1vqrFXTr2Dyh91CdZbGg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:45 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19642
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 25 Sep 2021 18:40:07 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 118D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ba1c614f-204d-4600-9bd5-42180ca7e8a4
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ba1c614f-204d-4600-9bd5-42180ca7e8a4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 25 Sep 2021 13:12:46 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ba1c614f-204d-4600-9bd5-42180ca7e8a4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 25 Sep 2021 13:12:45 GMT
/
pixel.onaudience.com/ Frame 118D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=318d9fe07b519d1d04ab4ef3667bdd31
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=318d9fe07b519d1d04ab4ef3667bdd31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-2.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sat, 25 Sep 2021 13:12:46 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=318d9fe07b519d1d04ab4ef3667bdd31
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 118D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVCRDZGQUEtQjE1Ny00RUJELTgzQ0EtMUY3NTA5RDY1QjFB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:347
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 118D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAMN9GLynvTCPFX3wlg9Stk&google_cver=1
42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAMN9GLynvTCPFX3wlg9Stk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:432
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAMN9GLynvTCPFX3wlg9Stk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 118D 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 24 Sep 2021 13:12:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 118D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:354
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 118D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3196635862961852579
42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3196635862961852579
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:485
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:46 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3196635862961852579
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 118D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&gdpr=0&gdpr_consent=
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:464
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 25 Sep 2021 13:12:46 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 25 Sep 2021 13:12:45 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 118D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4052348112198880942&gdpr=0&gdpr_consent=
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4052348112198880942&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:420
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:45 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
eeb08515-76cd-4482-8135-13b54ec728d5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4052348112198880942&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 118D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh
42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:472
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=795551383&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&rn=57779150&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632575566%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925131246%3Au%3A1632575563880604643%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632575566
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:46 GMT
last-modified
Sat, 25-Sep-2021 13:12:46 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 13:12:46 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame C44F 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575564515,,&us_privacy=&cb=1632575565786&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Faltopeanut514&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Faltopeanut514&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-25%2013:12:46&ranreq=0.12862610411978959&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575564515,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 8034 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fask.fm%2Faltopeanut514&_fw_gdpr=&_fw_gdpr_consent=&cb=1632575564515&width=400&height=225&dnt=&ip=146.20.132.66&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&schain=1.0,1!vidoomy.com,54345,1,1632575564515,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:46 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632575566474006-604
Expires
Sat, 25 Sep 2021 13:12:46 GMT
track
aktrack.pubmatic.com/ Frame 8034 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632575565&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
content-length
0
content-type
text/html
i
vid-io-cle.springserve.com/vd/ Frame 8034 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=1641a9b6&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:46 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
async_usersync
ib.adnxs.com/ Frame 61E8 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:46 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
57b97db7-1f8f-46e7-8d87-b11aadfb1697
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 66E0 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 5AC6 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1632575567.dop109.fr8.t,1632575567.cds041.fr8.shn,1632575567.cds041.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116229
t
t.lkqd.net/ Frame 9CFD 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:47 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
optad360.js
serving.stat-rock.com/player/ 		307 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 07:45:44 GMT
server
nginx
etag
W/"6135c728-4caf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
prebid
ib.adnxs.com/ut/v3/ 		139 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
903bc9d65c961b9bd151aacfdc026226b0888b0c3bab67dfff1e103f6628defd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5e958369-d215-41a7-b05a-d9b4d0eb78e8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ 		5 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPWE5NGU1NTlhLTc0NGItNDU5Yi05NGRiLWJiN2JmNDdkYWRjNiZyY3VyPVBMTg%3D%3D&pt=gross&stid=fc87b1a6-01e9-419e-9e82-80ac40502331&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		19 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7a598446-3d41-452b-aff3-976ea6565ea7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Cookie set altopeanut514
ask.fm/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/altopeanut514
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.146 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
fc33f6ee19c23a5e87c5e5a4d03942bc814f36792b9a87b5bb7329db74edac8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/altopeanut514
Cookie
locale=de; uuid=7212ab51-33a2-454e-ab85-3fd71008cf91; country=DE; _ym_uid=1632575563880604643; _ym_d=1632575563; _ym_isad=2; _ym_visorc=w; _awl=2.1632575563.0.4-f8f33467-be4e44a596c124b41b0db1ca0ab80ce3-6763652d6575726f70652d7765737431-614f204b-0; _m_ask_fm_session=V3l3VDJMT1BZdGIrcDEvek5ob2lldHVmemRNazNnMXhnZDRxMERZakFaNVh5Mk1za0JMQUo0bi9wRTRPcFRkbE51MW9kQlFxY0w3K0k2RVNob1RjamdtSFBRZlJZVlJFTG8zYzRHeTNqVVQ2S05VUGhjbkdRVnpMbHpTUmNDclpXQzFWQm5LMmxMalJvUUFPclZmSXNXbXZNVWt2V0ZEUWRxZHBUWU5BUEFBTERTL0VDcVNvT285b1BqQXF1WmJubFQra3lMaVFqTUVTOTZUQmhOelFScDJ3bmRERXcwcmszVVBuOVlNRUxNMVdOd0E1NEFORE92T0U3alovb05sSS0tVDhpL2xmUVVEOW50OVFkKzl5NXdFdz09--a0ecb5fba6d58205f4447c21fd3bdc222325994a; _ga=GA1.2.439242087.1632575564; _gid=GA1.2.933855381.1632575564; _gat_UA-12308109-15=1; _pbjs_userid_consent_data=6683316680106290; cto_bidid=FtsN3F9SR0R0QUhWR0NFZG51aW5nS0gyYWxTbkF3TnI2Q2ZLcGFoQ2g4N25PdE0lMkZYTHI1Uzc4eDhrOWUyUHE3cWd5WGk4U0FOOWdLSWNtRHQ3U1FOcDlhQmt3JTNEJTNE; cto_bundle=5iQipV8lMkJDQTlxejJybm9NJTJGdG55d0hJNUMxemw4QjhzYmlPaWQ1SHdkOGZMZEJtJTJGVXBTbVhwSDVlTlhBcHZyZ1hnZThISkFyTDk5MlVSZUZ0NTcwVTVxQ0NlejhQTTY4QWMySDklMkY2UzJnVnJJc3hrJTNE
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/altopeanut514
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
text/html; charset=utf-8
Status
410 Gone
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Sun, 25 Sep 2022 19:12:47 GMT _m_ask_fm_session=UUFkbDRsQmJCVllRU0s3SWY1ek5UdmtqNy9IY1Q2Y1h3Q0szNHB3Q3BxQXVMZDJCM1NFRkpub3k0aHVaL1d0aHVYZVNSRjdkejhyK2N4MG5JZ1B2UVZHWmhLRFRaQWdEQW96R2dTeitVeUp2anJ6cW9XT2NYT2ExRG9oT3F5ek5MVnhSOXVxbmVWZlgwbkNtQXBlMkRhQlRITVhYdUxYNUo2ZjhzTzIybmJicHZIUDBFMEhXUllHeDdicC9oU2ZNT1ZYMnVyOG80dmxvakJSQXJLd3BGNjZOVWN6Q2ZIampvS28wS0xRTmxjOEtPWWQ1OTJ0a2pLcWtNSFpFaExEcy0tNXBoaUJRRldwMEpBZG9YczVxbFZPQT09--734fea42426ef9b84438b84ac907c06e3aa2d9a9; path=/; expires=Tue, 28 Sep 2021 13:12:47 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/ 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632575567433.3223&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Faltopeanut514&t=160&v=96&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.9577985916135656
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:47 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632575567433.3223&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Faltopeanut514&t=170&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.7908850645925252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:47 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
apacdex
sync.quantumdex.io/usersync/ Frame A29B 		3 KB
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01f5caba89975bb90734854ce526fdcefe9133146131e4399bd6990bc403c856

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/apacdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
uid=c990a07e-7621-452b-bf46-088b1ee35109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
content-type
text/html
set-cookie
uid=c990a07e-7621-452b-bf46-088b1ee35109; expires=Fri, 15 Oct 2021 13:12:47 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
694481913b864e56-FRA
content-encoding
gzip
connectmyusers.php
cdn.connectad.io/ Frame 2C1B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
694481914a240601-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
async_usersync.html
acdn.adnxs.com/dmp/ Frame A991 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=8927850195643254724
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 23 Sep 2021 04:19:37 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 25 Sep 2021 13:12:47 GMT
Age
31986
X-Served-By
cache-lga21939-LGA, cache-fra19141-FRA
X-Cache
HIT, HIT
X-Cache-Hits
3, 228844
X-Timer
S1632575568.549787,VS0,VE0
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 3683 		658 B
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
105c64b2f4e05e10b46c300fe20b3f437ef3d5001aba724b0afce53df1aa49ea

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
dc=mow1; tuuid=1c5515e0-a932-510c-8278-6f2ce3374f60; ut=YU8gTAAEuvBROWnsy5AqYuimXQIxO3jvcrXFng==; ss=1; unm=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
set-cookie
unm=; Max-Age=0; Expires=Sat, 25 Sep 2021 13:12:47 GMT; Path=/; SameSite=None; Secure
content-length
658
/
onetag-sys.com/usync/ Frame 5DB8 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1632575567119
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1632575567119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame DF26 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1632575564512
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1632575564512
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame ECFD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 25 Sep 2021 13:12:47 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 06BF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=8927850195643254724
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 23 Sep 2021 04:19:37 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 25 Sep 2021 13:12:47 GMT
Age
31986
X-Served-By
cache-lga21939-LGA, cache-fra19141-FRA
X-Cache
HIT, HIT
X-Cache-Hits
3, 228845
X-Timer
S1632575568.558040,VS0,VE0
Vary
Accept-Encoding
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=sovrn&uid=e73a2f314ad509028b031230
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=sovrn&uid=e73a2f314ad509028b031230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=sovrn&uid=e73a2f314ad509028b031230
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=pubmatic&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=pubmatic&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=pubmatic&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=32e092a3-32a2-43ee-b676-ef022766cbbf
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=32e092a3-32a2-43ee-b676-ef022766cbbf&verify=true
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=32e092a3-32a2-43ee-b676-ef022766cbbf&apid=UP47467410-1e02-11ec-9e09-026026bb297a
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=32e092a3-32a2-43ee-b676-ef022766cbbf&apid=UP47467410-1e02-11ec-9e09-026026bb297a&verify=true
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP47467410-1e02-11ec-9e09-026026bb297a&gdpr=0&gdpr_consent=
0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UP47467410-1e02-11ec-9e09-026026bb297a&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://prebid.a-mo.net/setuid/verizon_video?uid=UP47467410-1e02-11ec-9e09-026026bb297a&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1
  • https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=index_rtb&uid=YU8gT.8YpUffu51V2cqPtAAA%261137
0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=index_rtb&uid=YU8gT.8YpUffu51V2cqPtAAA%261137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=index_rtb&uid=YU8gT.8YpUffu51V2cqPtAAA%261137
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Sat, 25 Sep 2021 13:12:47 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D32e092a3-32a2-43ee-b676-ef022766cbbf%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=appnexus&uid=8927850195643254724
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=appnexus&uid=8927850195643254724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
63874b22-8b69-45e5-b97f-a3f3340066aa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=32e092a3-32a2-43ee-b676-ef022766cbbf&D=&bidder=appnexus&uid=8927850195643254724
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A991 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dbc04185-fb60-4773-b967-5cd05787f00d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 06BF 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e3c71f54-5c8e-4ac8-b01a-82a1a7c861ca
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ads.betweendigital.com/ Frame 3683
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6cb7c9dc-c4fa-434e-886d-1c7105398e76
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6cb7c9dc-c4fa-434e-886d-1c7105398e76
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5777dea3-8fa8-490c-bd66-41eb7e460022&user_group=1&ssp=between&bsw_param=6cb7c9dc-c4fa-434e-886d-1c7105398e76
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=6cb7c9dc-c4fa-434e-886d-1c7105398e76
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=6cb7c9dc-c4fa-434e-886d-1c7105398e76
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=6cb7c9dc-c4fa-434e-886d-1c7105398e76
date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame 3683
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=jsds7aivMM.AikABlF8HRY3uw
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=jsds7aivMM.AikABlF8HRY3uw
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f10-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=jsds7aivMM.AikABlF8HRY3uw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 3683
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=1c5515e0-a932-510c-8278-6f2ce3374f60
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjPwLyKBlIFvp7KygpiJDFjNTUxNWUwLWE5MzItNTEwYy04Mjc4LTZmMmNlMzM3NGY2MA**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjPwLyKBlIFvp7KygpiJDFjNTUxNWUwLWE5MzItNTEwYy04Mjc4LTZmMmNlMzM3NGY2MKIBEEdXUGIeAhHshuAAJZDAZHw*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjPwLyKBmIkMWM1NTE1ZTAtYTkzMi01MTBjLTgyNzgtNmYyY2UzMzc0ZjYwogEQR1dQYh4CEeyG4AAlkMBkfA**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjPwLyKBmIkMWM1NTE1ZTAtYTkzMi01MTBjLTgyNzgtNmYyY2UzMzc0ZjYwogEQR1dQYh4CEeyG4AAlkMBkfA**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=47575062-1e02-11ec-86e0-002590c0647c
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=47575062-1e02-11ec-86e0-002590c0647c
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=47575062-1e02-11ec-86e0-002590c0647c
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
match
ads.betweendigital.com/ Frame 3683
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=ccf92b5941375174c26fa655
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=ccf92b5941375174c26fa655
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
nginx
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=ccf92b5941375174c26fa655
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
bidder_18.html
cache.betweendigital.com/code/ Frame 6A96 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=1c5515e0-a932-510c-8278-6f2ce3374f60&CACHEBUSTER=341115
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.82 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

:method
GET
:authority
cache.betweendigital.com
:scheme
https
:path
/code/bidder_18.html?USER_ID=1c5515e0-a932-510c-8278-6f2ce3374f60&CACHEBUSTER=341115
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.betweendigital.com/
accept-encoding
gzip, deflate, br
cookie
dc=mow1; tuuid=1c5515e0-a932-510c-8278-6f2ce3374f60; ut=YU8gTAAEuvBROWnsy5AqYuimXQIxO3jvcrXFng==; ss=1; unm=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:47 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
1
sync-eu.connectad.io/syncer/ Frame 31E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
sync-eu.connectad.io
:scheme
https
:path
/syncer/1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.connectad.io/
accept-encoding
gzip, deflate, br
cookie
cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.connectad.io/

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
set-cookie
id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control
no-cache, private
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69448191cb100601-FRA
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame ADA4 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4aece76c8b53523abc6c7642fe7c2d2cd075cad799c92eea09356ceeae2d12b4

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YU8gT.8YpUffu51V2cqPtAAA; CMPS=5227
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|221|130|41|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1665
Expires
Sat, 25 Sep 2021 13:12:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Connection
keep-alive
Set-Cookie
CMID=YU8gT.8YpUffu51V2cqPtAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Sep 2022 13:12:47 GMT CMPS=5227;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Dec 2021 13:12:47 GMT CMPRO=1137;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Dec 2021 13:12:47 GMT CMRUM3=dd614f204f2760&29614f204f05a0&2d614f204f05a0&27614f204f0b40&ce614f204f05a0&e6614f204f2760&f1614f204f05a0&82614f204fa8c0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Sep 2022 13:12:47 GMT CMST=YU8gT2FPIE8A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 26 Sep 2021 13:12:47 GMT
Cookie set altopeanut514
ask.fm/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/altopeanut514
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.146 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
0c5fc75c7cc27f9fce0ab8932a7603dfd821a401816c869eb3c3f3c7df375ec6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/altopeanut514
Cookie
locale=de; uuid=7212ab51-33a2-454e-ab85-3fd71008cf91; country=DE; _ym_uid=1632575563880604643; _ym_d=1632575563; _ym_isad=2; _ym_visorc=w; _awl=2.1632575563.0.4-f8f33467-be4e44a596c124b41b0db1ca0ab80ce3-6763652d6575726f70652d7765737431-614f204b-0; _ga=GA1.2.439242087.1632575564; _gid=GA1.2.933855381.1632575564; _gat_UA-12308109-15=1; _pbjs_userid_consent_data=6683316680106290; cto_bidid=FtsN3F9SR0R0QUhWR0NFZG51aW5nS0gyYWxTbkF3TnI2Q2ZLcGFoQ2g4N25PdE0lMkZYTHI1Uzc4eDhrOWUyUHE3cWd5WGk4U0FOOWdLSWNtRHQ3U1FOcDlhQmt3JTNEJTNE; cto_bundle=5iQipV8lMkJDQTlxejJybm9NJTJGdG55d0hJNUMxemw4QjhzYmlPaWQ1SHdkOGZMZEJtJTJGVXBTbVhwSDVlTlhBcHZyZ1hnZThISkFyTDk5MlVSZUZ0NTcwVTVxQ0NlejhQTTY4QWMySDklMkY2UzJnVnJJc3hrJTNE; _m_ask_fm_session=UUFkbDRsQmJCVllRU0s3SWY1ek5UdmtqNy9IY1Q2Y1h3Q0szNHB3Q3BxQXVMZDJCM1NFRkpub3k0aHVaL1d0aHVYZVNSRjdkejhyK2N4MG5JZ1B2UVZHWmhLRFRaQWdEQW96R2dTeitVeUp2anJ6cW9XT2NYT2ExRG9oT3F5ek5MVnhSOXVxbmVWZlgwbkNtQXBlMkRhQlRITVhYdUxYNUo2ZjhzTzIybmJicHZIUDBFMEhXUllHeDdicC9oU2ZNT1ZYMnVyOG80dmxvakJSQXJLd3BGNjZOVWN6Q2ZIampvS28wS0xRTmxjOEtPWWQ1OTJ0a2pLcWtNSFpFaExEcy0tNXBoaUJRRldwMEpBZG9YczVxbFZPQT09--734fea42426ef9b84438b84ac907c06e3aa2d9a9
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/altopeanut514
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
text/html; charset=utf-8
Status
410 Gone
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Sun, 25 Sep 2022 19:12:47 GMT _m_ask_fm_session=RnZWVUdoMFcvQ0J5UUliMjM1cEkvRTBwSFhsRXpjbkNiK2VTSitseStRN0VzcDIxeUhiMWJ4VzhYcEM0c0tIRXYyemhZc3RkSWFXWGk5dUg4SWp1eUZudENVZm5CYkNXSGFEQkp5a0dxWVdqUkJYcnJjTGhGTjV5eWhaL05NVEZFRVBDZHM0blFMVGdEUEE2MStGOHpIQVkraGFCZ3RkME81S0RHVDFpYkRYRHFZMzEvUTlYUXZKNTczeitGVkl1YmFPREh2R25JN01JMjR5REswRlg1aEpYZFNtVkNtZWlFaHBRbDExWlN2VDZDWkt3Y1d4Z3RCQnFNaGZ4djB6cy0tNWN1VGhsd05VZFZ6MmFMQS9HODltUT09--b27617edb5cb8fad85b096b13b5d7fe32554e362; path=/; expires=Tue, 28 Sep 2021 13:12:47 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632575567433.3223&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Faltopeanut514&t=419&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.16923193552988303
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:47 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame ADA4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENINJpqBZL7wKxdMX6i6mXc&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENINJpqBZL7wKxdMX6i6mXc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 25 Sep 2021 13:12:47 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENINJpqBZL7wKxdMX6i6mXc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame ADA4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VZAWBSS5BNY4SKMFW2G1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0Q96EKJ2T00X0ASPJB5P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ADA4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU8gT.8YpUffu51V2cqPtAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENv6bS-zEYs8_ronTLUPGYA&google_cver=1&gdpr=1&google_hm=2
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENv6bS-zEYs8_ronTLUPGYA&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 13:12:47 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENv6bS-zEYs8_ronTLUPGYA&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame ADA4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=YU8gT.8YpUffu51V2cqPtAAA%261137
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame ADA4
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YU8gT.8YpUffu51V2cqPtAAA%261137?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YU8gT.8YpUffu51V2cqPtAAA%261137?gdpr_consent=&us_privacy=&gdpr=1
49 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YU8gT.8YpUffu51V2cqPtAAA%261137?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.6.126
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YU8gT.8YpUffu51V2cqPtAAA%261137?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.24.128
content-length
0
expires
0
ie
match.prod.bidr.io/cookie-sync/ Frame ADA4 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.6.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-6-213.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame ADA4 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame ADA4 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame ADA4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YU8gT.8YpUffu51V2cqPtAAA%261137
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2480
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 13:54:07 GMT
1.gif
id5-sync.com/c/495/0/0/ Frame A29B
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p30.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:43 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sat, 25 Sep 2021 13:12:43 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
us
sync.go.sonobi.com/ Frame A29B 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame A29B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8927850195643254724
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8927850195643254724
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69448192feba4e56-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9585fdeb-e3d0-4c58-9418-33377b0b4f1c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8927850195643254724
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A29B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-x2MY60RE2uF6egs3D3sD2pYwtpBLAwjRpjwNDdE-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-x2MY60RE2uF6egs3D3sD2pYwtpBLAwjRpjwNDdE-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
694481930ee74e56-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-x2MY60RE2uF6egs3D3sD2pYwtpBLAwjRpjwNDdE-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame A29B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003&rndcb=4264948998
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=6cb7c9dc-c4fa-434e-886d-1c7105398e76&google_hm=NmNiN2M5ZGMtYzRmYS00MzRlLTg4NmQtMWM3MTA1Mzk4...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEK8HgWwVrf_7WHOTJmBHD14&google_cver=1&ssp=adconductor&bsw_param=6cb7c9dc-c4fa-434e-886d-1c7105398e76
  • https://sync.1rx.io/usersync/bidswitch/6cb7c9dc-c4fa-434e-886d-1c7105398e76?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c91a1d0f-81a0-4258-a831-9ecf1e8...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69448193d8654e56-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
date
Sat, 25 Sep 2021 13:12:47 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc91a1d0f81a04258a8319ecf1e8e2183003
content-type
text/html
setuid
sync.quantumdex.io/ Frame A29B
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP47467410-1e02-11ec-9e09-026026bb297a
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP47467410-1e02-11ec-9e09-026026bb297a
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP47467410-1e02-11ec-9e09-026026bb297a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
694481933f324e56-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP47467410-1e02-11ec-9e09-026026bb297a
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame A29B
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cbdca909-bc2e-4a8f-ba01-f245dc58bf85
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cbdca909-bc2e-4a8f-ba01-f245dc58bf85
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
694481930ef44e56-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cbdca909-bc2e-4a8f-ba01-f245dc58bf85
date
Sat, 25 Sep 2021 13:12:47 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame A29B
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=61a46153-8193-4dcb-a444-6f5fc56358de
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=61a46153-8193-4dcb-a444-6f5fc56358de
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
694481934f684e56-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=61a46153-8193-4dcb-a444-6f5fc56358de
date
Sat, 25 Sep 2021 13:12:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
694481929e184e56-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame A29B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8927850195643254724
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8927850195643254724
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
694481930eeb4e56-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5fc844d8-bbc7-4107-9a27-09ba76da1164
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8927850195643254724
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A29B
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=ccf92b5941375174c26fa655
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=ccf92b5941375174c26fa655
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69448192ee924e56-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=ccf92b5941375174c26fa655
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
Cookie set uc.html
sync.go.sonobi.com/ Frame 6C89 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YU8gU; path=/; domain=.go.sonobi.com
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 89E4 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
18a1792b88ac5d490a1f628c3f1aca8f9914e93d27b92473430cb895f5d950f9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YU8gT.8YpUffu51V2cqPtAAA; CMPS=5227; CMPRO=1137; CMST=YU8gT2FPIE8A; CMRUM3=dd614f204f2760&29614f204f05a0&2d614f204f05a0&27614f204f0b40&ce614f204f05a0&e6614f204f2760&f1614f204f05a0&82614f204fa8c0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|4|3|45|230|13|241
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1858
Expires
Sat, 25 Sep 2021 13:12:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Connection
keep-alive
Set-Cookie
CMID=YU8gT.8YpUffu51V2cqPtAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Sep 2022 13:12:47 GMT CMPS=5227;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Dec 2021 13:12:47 GMT CMPRO=1137;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Dec 2021 13:12:47 GMT CMRUM3=03614f204f05a0&f1614f204f05a0&82614f204fa8c0&e6614f204f2760&04614f204f05a0&ce614f204f05a0&49614f204f05a0&27614f204f0b40&0d614f204f05a0&2d614f204f05a0&29614f204f05a0&2e614f204f05a0&dd614f204f2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Sep 2022 13:12:47 GMT
/
onetag-sys.com/usync/ Frame ACD9 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 31BF 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; chkChromeAb67Sec=1; DPSync3=1633737600%3A201_197_219%7C1632614400%3A174; SyncRTB3=1633737600%3A13_7_8_220_21_56_3_54_161%7C1633824000%3A35; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PugT=1632575566; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; SPugT=1632575565; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=19640
expires
Sat, 25 Sep 2021 18:40:07 GMT
date
Sat, 25 Sep 2021 13:12:47 GMT
vary
Accept-Encoding
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 5AC6 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1632575567762
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1632575567.dop148.fr8.t,1632575567.cds276.fr8.shn,1632575567.cds276.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
/
c1.adform.net/serving/cookie/match/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1f2f4917044a5f2f28572734ffc1875&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1a40_7011858672808634824
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB5NnQSPhuMzLf0g_qCab0w&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8927850195643254724
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/1f2f4917044a5f2f28572734ffc1875&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Ekj8DkVE2oOcvoZH.504NGvWLKYZe4svXuunwIy8~A
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=ba1c614f-204d-4600-9bd5-42180ca7e8a4&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADQPk7CnkEAADGw8FYMKw&gdpr=0
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YU8gUAAEQinUIAA6&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=pLHl0XgY1Mu7u05&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame 5AC6 		301 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fask.fm%2Faltopeanut514
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
nginx
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1632575567769042-577
Expires
Sat, 25 Sep 2021 13:12:47 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 5AC6 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C54345%2C1%2C9060699902225618525224100008%2C%2C&vav=8b241d9cb9a9c9caaf4d5cbf14cb097f&vaviv=bc55bc64e229744fcaf4d6575e6a1682&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.0.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fask.fm%2Faltopeanut514&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632575567705055-379
Expires
Sat, 25 Sep 2021 13:12:47 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=795551383&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&rn=432608552&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632575568%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925131247%3Au%3A1632575563880604643%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632575568
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
last-modified
Sat, 25-Sep-2021 13:12:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 13:12:47 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632575567433.3223&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Faltopeanut514&t=571&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.522355531254431
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:47 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632575567433.3223&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Faltopeanut514&t=571&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.9601793397803422
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:47 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632575567769068-577
Expires
Sat, 25 Sep 2021 13:12:47 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=1f2f4917044a5f2f28572734ffc1875&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1f2f4917044a5f2f28572734ffc1875&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RBHJRRBH14CNN5NJV1S7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1f2f4917044a5f2f28572734ffc1875&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632575567728077-575
Expires
Sat, 25 Sep 2021 13:12:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 31BF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92754349&p=156498&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7eaac54d73762c2abae7d0bc38738444aa75b28aa57bfb923882a9fba7f73f4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:46 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
getuid
secure.adnxs.com/ Frame 89E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
YU8gT-8YpUffu51V2cqPtAAABHEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 89E4 		43 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YU8gT-8YpUffu51V2cqPtAAABHEAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 89E4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7252582830213713426
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7252582830213713426
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 13:12:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7252582830213713426
pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 89E4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ba1c614f-204d-4600-9bd5-42180ca7e8a4&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ba1c614f-204d-4600-9bd5-42180ca7e8a4&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 13:12:47 GMT

Redirect headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ba1c614f-204d-4600-9bd5-42180ca7e8a4&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 25 Sep 2021 13:12:46 GMT
crum
dsum-sec.casalemedia.com/ Frame 89E4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU8gT.8YpUffu51V2cqPtAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENv6bS-zEYs8_ronTLUPGYA&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENv6bS-zEYs8_ronTLUPGYA&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 13:12:47 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENv6bS-zEYs8_ronTLUPGYA&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 89E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENINJpqBZL7wKxdMX6i6mXc&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENINJpqBZL7wKxdMX6i6mXc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 25 Sep 2021 13:12:47 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENINJpqBZL7wKxdMX6i6mXc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 89E4
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c0220402c21fe50e1f718a&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c0220402c21fe50e1f718a&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 13:12:48 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c0220402c21fe50e1f718a&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 25 Sep 2021 13:12:47 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
dcm
s.amazon-adsystem.com/ Frame 89E4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
X97HK8EVTQ1M8VJW5R09
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1E06ZE508DGDY6HEEB8H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 89E4 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YU8gT-8YpUffu51V2cqPtAAABHEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
694481935f9f4e56-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
match
ads.betweendigital.com/ Frame 6A96
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=6cb7c9dc-c4fa-434e-886d-1c7105398e76
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=6cb7c9dc-c4fa-434e-886d-1c7105398e76
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=09d26556-4df1-4bd8-aaa3-da49efd83a80&ssp=between&expires=30&user_group=5&bsw_param=6cb7c9dc-c4fa-434e-886d-1c7105398e76
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=6cb7c9dc-c4fa-434e-886d-1c7105398e76
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=6cb7c9dc-c4fa-434e-886d-1c7105398e76
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=6cb7c9dc-c4fa-434e-886d-1c7105398e76
date
Sat, 25 Sep 2021 13:12:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E60C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011858668534036631
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011858668534036631
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011858668534036631
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; SyncRTB3=1633132800%3A15_223_2%7C1633824000%3A35%7C1633392000%3A63%7C1633737600%3A13_8_220_55_21_54_7_3_81_56_161_71_22_166%7C1635120000%3A203; SPugT=1632575567; KRTBCOOKIE_22=14911-7252582830213713426; PugT=1632575567
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7011858668534036631; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 13:12:47 GMT; path=/ PugT=1632575567; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 13:12:47 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:47 GMT; path=/
x-lat
lhrpug014:0:476
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 25 Sep 2021 13:12:47 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7011858668534036631; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011858668534036631
adx
match.prod.bidr.io/cookie-sync/ Frame 18E7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUVBrN0Nua0VBQURHdzhGWU1Ldw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.6.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-6-213.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Cookie
bito=AADQPk7CnkEAADGw8FYMKw; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sat, 25 Sep 2021 13:12:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sat, 25 Sep 2021 13:12:47 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
setuid
sync.quantumdex.io/ Frame E45F 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/setuid?bidder=pubmatic&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
uid=c990a07e-7621-452b-bf46-088b1ee35109
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
content-type
image/gif
content-length
43
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
694481939fec4e56-FRA
Artemis
aud.pubmatic.com/AdServer/ Frame 31BF
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Sat, 25 Sep 2021 13:12:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 31BF
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:46 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:46 GMT
frontend-id
6
location
/pubmatic/1/info2?sType=sync&sExtCookieId=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 31BF 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
69448193ceea5c9e-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 31BF
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
  • https://a.audrte.com/p
68 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.192.53 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:48 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 25 Sep 2021 13:12:48 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 31BF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lKcw_PdE2uWmuUvONxP23y_0l057m0k-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lKcw_PdE2uWmuUvONxP23y_0l057m0k-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 25 Sep 2021 13:12:47 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lKcw_PdE2uWmuUvONxP23y_0l057m0k-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 31BF 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 31BF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a3b0047c-0d58-4994-b664-453f6a94e715&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6cb7c9dc-c4fa-434e-886d-1c7105398e76&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6cb7c9dc-c4fa-434e-886d-1c7105398e76&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:421
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6cb7c9dc-c4fa-434e-886d-1c7105398e76&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 25 Sep 2021 13:12:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 31BF 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 31BF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YU8gUAAEQinUIAA6&gdpr=0&gdpr_consent=&_test=YU8gUAAEQinUIAA6
1 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YU8gUAAEQinUIAA6&gdpr=0&gdpr_consent=&_test=YU8gUAAEQinUIAA6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:410
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632575568.107404,VS0,VE0
x-served-by
cache-fra19123-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YU8gUAAEQinUIAA6&gdpr=0&gdpr_consent=&_test=YU8gUAAEQinUIAA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 31BF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7252582830213713426&gdpr=0&gdpr_consent=&us_privacy=
1 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7252582830213713426&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:581
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7252582830213713426&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 31BF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:448
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 31BF
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:aba65aae-bf6c-4a1d-9971-58e18dbcffc4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:aba65aae-bf6c-4a1d-9971-58e18dbcffc4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:423
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:aba65aae-bf6c-4a1d-9971-58e18dbcffc4&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 25 Sep 2021 13:12:48 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame A42D 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C16697977432225618525224100008%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame DF5E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C16697977432225618525224100008%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; KCCH=YES; chkChromeAb67Sec=2; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; SyncRTB3=1633132800%3A15_223_2%7C1633824000%3A35%7C1633392000%3A63%7C1633737600%3A13_8_220_55_21_54_7_3_81_56_161_71_22_166%7C1635120000%3A203; SPugT=1632575567; KRTBCOOKIE_22=14911-7252582830213713426; PugT=1632575567; KRTBCOOKIE_188=3189-no-consent
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=97440
expires
Sun, 26 Sep 2021 16:16:47 GMT
date
Sat, 25 Sep 2021 13:12:47 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A42D 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C16697977432225618525224100008%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:47 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=97440
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Sun, 26 Sep 2021 16:16:47 GMT
t
t.lkqd.net/ Frame 9CFD 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:48 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
42d751cbed1f82cd
an.yandex.ru/setud/adsniper/ Frame 6A96
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=47575062-1e02-11ec-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=47575062-1e02-11ec-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=y2C%2F4NxE66jf%2FOS0ZjvYpQ&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=y2C/4NxE66jf/OS0ZjvYpQ&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=y2C/4NxE66jf/OS0ZjvYpQ&extra2=aidata&google_gid=CAESEJGrXzE6KeSmH57mgudfTPI&google_cver=1
  • https://sync.bumlam.com/?src=ggl&extra1=y2C/4NxE66jf/OS0ZjvYpQ&extra2=aidata&google_gid=CAESEJGrXzE6KeSmH57mgudfTPI&google_cver=1
  • https://an.yandex.ru/setud/adsniper/42d751cbed1f82cd?sign=3661354027
  • https://an.yandex.ru/setud/adsniper/42d751cbed1f82cd?redir-setuniq=1&sign=3661354027
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/adsniper/42d751cbed1f82cd?redir-setuniq=1&sign=3661354027
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:48 GMT
content-encoding
gzip
last-modified
Sat, 25 Sep 2021 13:12:48 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 25 Sep 2021 13:12:48 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:48 GMT
content-encoding
gzip
last-modified
Sat, 25 Sep 2021 13:12:48 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/setud/adsniper/42d751cbed1f82cd?redir-setuniq=1&sign=3661354027
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 25 Sep 2021 13:12:48 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:48 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
AdServerServlet
vid.pubmatic.com/AdServer/ Frame A42D 		27 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C16697977432225618525224100008%2C%2C&us_privacy=&cb=1632575567971&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Faltopeanut514&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Faltopeanut514&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-25%2013:12:48&ranreq=0.8579185851281435&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C16697977432225618525224100008%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:48 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 9CFD 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:48 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame A42D 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632575569&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:48 GMT
content-length
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame A991 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:48 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
636e21ee-2a8a-482d-9eb0-1233e66c3d3f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 06BF 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:48 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
00bc08e4-aabf-4571-8109-d7f58b932872
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 5880
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=1c5515e0-a932-510c-8278-6f2ce3374f60&CACHEBUSTER=341115
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cache.betweendigital.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 25 Sep 2021 13:12:48 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Sat, 25 Sep 2021 13:12:48 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.js
eus.rubiconproject.com/ Frame 5880 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0d6e6632c1c470267effb425ec149b9354d6d6a7da858f8be7d927045eb02605

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58318
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9354
Expires
Sun, 26 Sep 2021 05:24:46 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5880 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
341115
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 6A96
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/341115
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/341115
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/341115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software
ms-counter-3.2.12/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:49 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.12/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:49 GMT
server
ms-counter-3.2.12/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/341115
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
ad
v.lkqd.net/ Frame 7F61 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=83760937&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
13f351236eb5f443736b5b6fa5ce23460e0a12d82722840fea865c90fb0ca947

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:49 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1356
1011
jadserve.postrelease.com/suid/ Frame 6A96
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=1c5515e0-a932-510c-8278-6f2ce3374f60&expires=60
  • https://jadserve.postrelease.com/suid/1011?vk=6cb7c9dc-c4fa-434e-886d-1c7105398e76
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1011?vk=6cb7c9dc-c4fa-434e-886d-1c7105398e76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 -, , ASN (),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:49 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

location
//jadserve.postrelease.com/suid/1011?vk=6cb7c9dc-c4fa-434e-886d-1c7105398e76
date
Sat, 25 Sep 2021 13:12:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vpaid.js
ad.lkqd.net/vpaid/ Frame 9E4E 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:49 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632575569.cds167.fr8.hn,1632575569.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame E057 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 13:12:49 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632575569.cds167.fr8.hn,1632575569.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=83760937&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:49 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 9E4E 		78 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=83760937&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
c49180dd4513722816e22e64008fa55999b34dce5eea9c0f6ec1a68544fb240e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 Sep 2021 13:12:50 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4976
cs
cs.lkqd.net/ Frame E057 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:49 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E057 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:49 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E057 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:49 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E057 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:49 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E057
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:49 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
pragma
no-cache
date
Sat, 25 Sep 2021 13:12:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 1D70 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:49 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:49 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
/
onetag-sys.com/usync/ Frame 3AD4 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=1c5515e0-a932-510c-8278-6f2ce3374f60&CACHEBUSTER=341115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=5d1628750185ace
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cache.betweendigital.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
1c5515e0-a932-510c-8278-6f2ce3374f60
an.yandex.ru/mapuid/betweendigitalis/ Frame 6A96
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F1c5515e0-a932-510c-8278-6f2ce3374f60
  • https://an.yandex.ru/mapuid/betweendigitalis/1c5515e0-a932-510c-8278-6f2ce3374f60
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/1c5515e0-a932-510c-8278-6f2ce3374f60
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:49 GMT
content-encoding
gzip
last-modified
Sat, 25 Sep 2021 13:12:49 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 25 Sep 2021 13:12:49 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/1c5515e0-a932-510c-8278-6f2ce3374f60
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
t.adx.opera.com/ Frame 6A96 		0
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=1c5515e0-a932-510c-8278-6f2ce3374f60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:49 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=795551383&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&rn=262059303&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632575570%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925131249%3Au%3A1632575563880604643%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632575570
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:49 GMT
last-modified
Sat, 25-Sep-2021 13:12:49 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 13:12:49 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 31BF 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156498&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Faltopeanut514
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:50 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1871060359&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1871060359&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.h...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1871060359&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=dc36caca-38e7-4351-a00b-62688eb854f9&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MDIwMS4yMDcyNzU6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTpyZXF1ZXN0X2lkPWRjMzZjYWNhLTM4ZTctNDM1MS1hMDBiLTYyNjg4ZWI4NTRmOQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:50 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1871060359&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=dc36caca-38e7-4351-a00b-62688eb854f9&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MDIwMS4yMDcyNzU6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTpyZXF1ZXN0X2lkPWRjMzZjYWNhLTM4ZTctNDM1MS1hMDBiLTYyNjg4ZWI4NTRmOQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Faltopeanut514&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:50 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1370586794&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1370586794&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.h...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1370586794&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=f6a6ea35-56bc-4ceb-bf5a-566801b9e682&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MDIxMi40ODM4ODc6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTpyZXF1ZXN0X2lkPWY2YTZlYTM1LTU2YmMtNGNlYi1iZjVhLTU2NjgwMWI5ZTY4Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:50 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1370586794&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=f6a6ea35-56bc-4ceb-bf5a-566801b9e682&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MDIxMi40ODM4ODc6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTpyZXF1ZXN0X2lkPWY2YTZlYTM1LTU2YmMtNGNlYi1iZjVhLTU2NjgwMWI5ZTY4Mg==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C4518440872599379733114913390,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fb1a05bfb600c2fdb8e9c607fceac93b27cb4bad0bc9fdce329c85015ea63771

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:50 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1156
x-sticky-vk
1632575570044098-353
Expires
Sat, 25 Sep 2021 13:12:50 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2599379733114913390805587397%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95e7cdf926f95f951c9a69cddc9580b4f04d2723c1d4955b6feb60171d1d3f9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:50 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1632575570143038-408
Expires
Sat, 25 Sep 2021 13:12:50 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2599379733114913390508740458%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a4e2bf2da0da000436ea0e355dfd3a4c2e8da9195db519512fe8c6dc312033e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:50 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1632575570085065-545
Expires
Sat, 25 Sep 2021 13:12:50 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C11281232542599379733114913390,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cb5f6cd5f76e896701dee7fafda790aba483b7f9807c6b1fadadf6fee2429357

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:50 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632575570156045-581
Expires
Sat, 25 Sep 2021 13:12:50 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		993 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C15324362492599379733114913390%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6ebbbdec0dd6bbb6788f0c94a09553e234b389bb97ac8814c40b3c5bb1a7499b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:50 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
611
expires
Sat, 25 Sep 2021 13:12:50 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=651651275&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&p...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=651651275&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.he...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=651651275&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=756177a2-be92-499e-b1dd-3f01e09a14d9&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MDIwOS41ODkzNTU6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTpyZXF1ZXN0X2lkPTc1NjE3N2EyLWJlOTItNDk5ZS1iMWRkLTNmMDFlMDlhMTRkOQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:50 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=651651275&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=756177a2-be92-499e-b1dd-3f01e09a14d9&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MDIwOS41ODkzNTU6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTpyZXF1ZXN0X2lkPTc1NjE3N2EyLWJlOTItNDk5ZS1iMWRkLTNmMDFlMDlhMTRkOQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:50 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:50 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 1D70 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:50 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 1D70 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:50 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame 7F61 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=4489855&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a2a99b63ce445487b07d30f5aafc926e52180947cd156027c3e98cd9bad97427

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:51 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1354
vpaid.js
ad.lkqd.net/vpaid/ Frame CC57 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:51 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632575571.cds167.fr8.hn,1632575571.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame B7B2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 13:12:51 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632575571.cds167.fr8.hn,1632575571.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=4489855&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:51 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame CC57 		80 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=4489855&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
7fef164b42aecb550a407034cf9da06181795d563ec381c01153dc743bbb35a6

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 Sep 2021 13:12:52 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6002
cs
cs.lkqd.net/ Frame B7B2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B7B2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B7B2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B7B2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B7B2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:51 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
pragma
no-cache
date
Sat, 25 Sep 2021 13:12:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 0D10 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:51 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:51 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=4&wv-hit=795551383&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&rn=476613341&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632575572%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925131251%3Au%3A1632575563880604643%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632575572
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:51 GMT
last-modified
Sat, 25-Sep-2021 13:12:51 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 13:12:51 GMT
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Faltopeanut514
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:52 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Faltopeanut514&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:52 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1444411495&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1444411495&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.h...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1444411495&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=1c575732-a48e-426c-b02c-98eb7f2424f6&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MjIzMi4zMDQxOTk6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTFjNTc1NzMyLWE0OGUtNDI2Yy1iMDJjLTk4ZWI3ZjI0MjRmNg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:52 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1444411495&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=1c575732-a48e-426c-b02c-98eb7f2424f6&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MjIzMi4zMDQxOTk6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTFjNTc1NzMyLWE0OGUtNDI2Yy1iMDJjLTk4ZWI3ZjI0MjRmNg==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2146352887242497849004195953,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d94086f66bff1b88f20ab11646cc44d6c85e20d701c44ebb1da3f340227ac694

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:52 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1156
x-sticky-vk
1632575572152041-530
Expires
Sat, 25 Sep 2021 13:12:52 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		992 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C9966824327242497849004195953%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b6bdf5541c4de4f4aebb17419bc7fc9bd406b1785729f912bd4b5138f0ef9803

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:52 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
610
expires
Sat, 25 Sep 2021 13:12:52 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C11393421547242497849004195953,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c0c98b6e944165a7d7541eb7a6aee5e3ccfa60afd9a20ccccd63b00832c9ee33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:52 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632575572212029-375
Expires
Sat, 25 Sep 2021 13:12:52 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C72424978490041959531689721365%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
49cd4f02b93e35a05cd40e73e37f9a9b48e35b67c983f4b2fc737eaa46f18617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:52 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1192
x-sticky-vk
1632575572045090-542
Expires
Sat, 25 Sep 2021 13:12:52 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C7242497849004195953588164706%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
32e9e6a1294468cc9af289c7c429fe80926e23c3074012d07bb424cf135aa11b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:52 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1632575572159044-356
Expires
Sat, 25 Sep 2021 13:12:52 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1894255927&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1894255927&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.h...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1894255927&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=4ca06f7c-ffe0-4866-abf0-5ebfad532a2f&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MjI0NS45Nzg1MTY6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTRjYTA2ZjdjLWZmZTAtNDg2Ni1hYmYwLTVlYmZhZDUzMmEyZg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:52 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1894255927&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=4ca06f7c-ffe0-4866-abf0-5ebfad532a2f&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3MjI0NS45Nzg1MTY6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTRjYTA2ZjdjLWZmZTAtNDg2Ni1hYmYwLTVlYmZhZDUzMmEyZg==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:52 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 0D10 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:52 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame CC57 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_68c68ea6.js
vpaid.springserve.com/production/ Frame 0414 		491 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:36:21 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 17:34:44 GMT
server
AmazonS3
age
243392
etag
W/"c41b3f31e617ac05abbd6b79785bd64a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
5EfR1scjMDm_jNZHGyQkpidAjSKqBwy2ky48qWsvXK0xsbPKc1firQ==
openrtb
ads.adaptv.advertising.com/rtb/ Frame 0414 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 0414 		19 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:52 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
aee3a01b-338d-4e25-a5a5-d2afd42ac3c6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 0D10 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:52 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:52 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 0414 		963 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575571728,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a1e61e25a8d3c73dc3a12335b46289e342350862e3bd84102ae4634fe36b6809

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:52 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
591
expires
Sat, 25 Sep 2021 13:12:52 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 671A 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575571728,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:52 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame D463 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575571728,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; SyncRTB3=1633132800%3A15_223_2%7C1633824000%3A35%7C1633392000%3A63%7C1633737600%3A13_8_220_55_21_54_7_3_81_56_161_71_22_166%7C1635120000%3A203; KRTBCOOKIE_22=14911-7252582830213713426; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7011858668534036631; KRTBCOOKIE_218=22978-YU8gUAAEQinUIAA6&KRTB&23194-YU8gUAAEQinUIAA6&KRTB&23209-YU8gUAAEQinUIAA6&KRTB&23244-YU8gUAAEQinUIAA6; PugT=1632575568; KRTBCOOKIE_466=16530-6cb7c9dc-c4fa-434e-886d-1c7105398e76; SPugT=1632575569
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=97434
expires
Sun, 26 Sep 2021 16:16:47 GMT
date
Sat, 25 Sep 2021 13:12:53 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 671A 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575571728,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:53 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=97434
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Sun, 26 Sep 2021 16:16:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D463 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42871489&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3e7b9152d32734b5c103b914373802fb284954be73b0669814be4999a7d52dc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1646
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame BE6E
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; KRTBCOOKIE_22=14911-7252582830213713426; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7011858668534036631; KRTBCOOKIE_218=22978-YU8gUAAEQinUIAA6&KRTB&23194-YU8gUAAEQinUIAA6&KRTB&23209-YU8gUAAEQinUIAA6&KRTB&23244-YU8gUAAEQinUIAA6; PugT=1632575568; KRTBCOOKIE_466=16530-6cb7c9dc-c4fa-434e-886d-1c7105398e76; SPugT=1632575569; chkChromeAb67Sec=3; SyncRTB3=1633737600%3A220_55_3_22_88_81_99_7_161_8_231_230_222_13_166_189_56_165_71_204_234_176_21_54%7C1633132800%3A15_223_2%7C1633824000%3A35%7C1633392000%3A63%7C1635120000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:53 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug015:2:273
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=bcff7396-6dfb-45db-8595-bf021e4ecbac; path=/; domain=csync.loopme.me; Expires=Mon, 25-Oct-2021 13:12:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Sat, 25 Sep 2021 13:12:53 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame F2EA
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7975788851
  • https://sync.1rx.io/usersync3/centro/1508/no-consent?zcc=0&sspret=1&rndcb=7975788851
  • https://sync.targeting.unrulymedia.com/csync/RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
42 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; KRTBCOOKIE_22=14911-7252582830213713426; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7011858668534036631; KRTBCOOKIE_218=22978-YU8gUAAEQinUIAA6&KRTB&23194-YU8gUAAEQinUIAA6&KRTB&23209-YU8gUAAEQinUIAA6&KRTB&23244-YU8gUAAEQinUIAA6; KRTBCOOKIE_466=16530-6cb7c9dc-c4fa-434e-886d-1c7105398e76; SPugT=1632575569; chkChromeAb67Sec=3; SyncRTB3=1633737600%3A220_55_3_22_88_81_99_7_161_8_231_230_222_13_166_189_56_165_71_204_234_176_21_54%7C1633132800%3A15_223_2%7C1633824000%3A35%7C1633392000%3A63%7C1635120000%3A203; KRTBCOOKIE_409=22966-TLYMbhNX8FSGhFoCoYtuXio4; PugT=1632575573
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003&KRTB&17107-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:53 GMT; path=/ PugT=1632575573; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 13:12:53 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:53 GMT; path=/
x-lat
lhrpug018:0:289
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 25 Sep 2021 13:12:53 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003%22%7D; path=/; expires=Sun, 25 Sep 2022 13:12:53 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
etag
RXc91a1d0f81a04258a8319ecf1e8e2183003
dpe
ad4m.at/ad/ Frame 9749 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 25 Sep 2021 13:12:53 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
694481b3eb326937-FRA
bridge
cm.adgrx.com/ Frame BA2A 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 25 Sep 2021 13:12:53 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame 6E8F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=TLYMbhNX8FSGhFoCoYtuXio4
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=TLYMbhNX8FSGhFoCoYtuXio4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=TLYMbhNX8FSGhFoCoYtuXio4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; KRTBCOOKIE_22=14911-7252582830213713426; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7011858668534036631; KRTBCOOKIE_218=22978-YU8gUAAEQinUIAA6&KRTB&23194-YU8gUAAEQinUIAA6&KRTB&23209-YU8gUAAEQinUIAA6&KRTB&23244-YU8gUAAEQinUIAA6; PugT=1632575568; KRTBCOOKIE_466=16530-6cb7c9dc-c4fa-434e-886d-1c7105398e76; SPugT=1632575569; chkChromeAb67Sec=3; SyncRTB3=1633737600%3A220_55_3_22_88_81_99_7_161_8_231_230_222_13_166_189_56_165_71_204_234_176_21_54%7C1633132800%3A15_223_2%7C1633824000%3A35%7C1633392000%3A63%7C1635120000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-TLYMbhNX8FSGhFoCoYtuXio4; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 13:12:53 GMT; path=/ PugT=1632575573; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 13:12:53 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:53 GMT; path=/
x-lat
lhrpug004:0:647
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 25 Sep 2021 13:12:53 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=TLYMbhNX8FSGhFoCoYtuXio4; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=TLYMbhNX8FSGhFoCoYtuXio4
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame 9CA0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aanoeUx2eNNSE0UdcqrcNXxsFW1pMYKtMsNRsnWy
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 25 Sep 2021 13:12:53 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aOnseFSyZaRGRT8vnQXfQiAiHFxqZawbxAWnFU3Zc0rlxbWtcQNfgR8eBZcjHuRUTGhqcqfffZbWAAh1dFIuF9XOZd; path=/; domain=.tribalfusion.com; expires=Fri, 24-Dec-2021 13:12:53 GMT; SameSite=None; Secure; ANON_ID_old=aOnseFSyZaRGRT8vnQXfQiAiHFxqZawbxAWnFU3Zc0rlxbWtcQNfgR8eBZcjHuRUTGhqcqfffZbWAAh1dFIuF9XOZd; path=/; domain=.tribalfusion.com; expires=Fri, 24-Dec-2021 13:12:53 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
694481b52c954a9d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 25 Sep 2021 13:12:53 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
5467
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aanoeUx2eNNSE0UdcqrcNXxsFW1pMYKtMsNRsnWy; path=/; domain=.tribalfusion.com; expires=Fri, 24-Dec-2021 13:12:53 GMT; SameSite=None; Secure; ANON_ID_old=aanoeUx2eNNSE0UdcqrcNXxsFW1pMYKtMsNRsnWy; path=/; domain=.tribalfusion.com; expires=Fri, 24-Dec-2021 13:12:53 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
694481b3ea4f4a9d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame ADBC
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5e3bb289-0f6c-4e5b-b35e-a2e97a086cc4-tuct848a5d5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5e3bb289-0f6c-4e5b-b35e-a2e97a086cc4-tuct848a5d5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5e3bb289-0f6c-4e5b-b35e-a2e97a086cc4-tuct848a5d5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=5e3bb289-0f6c-4e5b-b35e-a2e97a086cc4-tuct848a5d5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 25 Sep 2021 13:12:53 GMT
via
1.1 varnish
x-served-by
cache-fra19127-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1632575573.148139,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=5e3bb289-0f6c-4e5b-b35e-a2e97a086cc4-tuct848a5d5;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 25-Sep-2022 13:12:53 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5e3bb289-0f6c-4e5b-b35e-a2e97a086cc4-tuct848a5d5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sat, 25 Sep 2021 13:12:53 GMT
via
1.1 varnish
x-served-by
cache-fra19164-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1632575573.097013,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame 4AED 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sat, 25 Sep 2021 13:12:53 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame D463
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8927850195643254724
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8927850195643254724
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:53 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:362
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:53 GMT
X-Proxy-Origin
91.199.118.76; 91.199.118.76; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c62bee67-e145-48a5-9d27-fbea1852c821
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8927850195643254724
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame D463 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:53 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 671A 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575571728,,&us_privacy=&cb=1632575573008&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Faltopeanut514&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Faltopeanut514&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-25%2013:12:53&ranreq=0.7103766421694415&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0,1!vidoomy.com,54345,1,1632575571728,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:53 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 0414 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=5686b26e&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.243.179 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-243-179.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:53 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 0414 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632575572&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:53 GMT
content-length
0
content-type
text/html
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame AED0 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1632575567.dop109.fr8.t,1632575573.cds041.fr8.shn,1632575573.cds041.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116229
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame AED0 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1632575573784
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 13:12:53 GMT
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1632575567.dop148.fr8.t,1632575573.cds276.fr8.shn,1632575573.cds276.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
sync
x.bidswitch.net/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3196635862961852579
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7252582830213713426
  • https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=06c0220402c21fe50e1f718a&gdpr=0&gdprConsent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6623204&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=4b5c71bf-1e02-11ec-a122-f3fe5a1407a4
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=l1a40_7011858672808634824
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.a09d61ea9a2b4445b26cc6ac3bcc1528
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=6cb7c9dc-c4fa-434e-886d-1c7105398e76&bidswitch_ssp_id=stickyads
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=609746078224&expires=30&user_group=1&ssp=StickyAds
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=236&user_id=609746078224&expires=30&user_group=1&ssp=StickyAds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.48.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-48-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://x.bidswitch.net/sync?dsp_id=236&user_id=609746078224&expires=30&user_group=1&ssp=StickyAds
/
ads.stickyadstv.com/additional-scripts/ Frame AED0 		301 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fask.fm%2Faltopeanut514
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:53 GMT
Server
nginx
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1632575573727049-511
Expires
Sat, 25 Sep 2021 13:12:53 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame AED0 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C54345%2C1%2C2146352887242497849004195953%2C%2C&vav=4726c23753d013efe7f8b873fda8d90d&vaviv=bc55bc64e229744fcaf4d6575e6a1682&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.0.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fask.fm%2Faltopeanut514&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:53 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632575573752038-349
Expires
Sat, 25 Sep 2021 13:12:53 GMT
t
t.lkqd.net/ Frame 0D10 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:53 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:53 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
user-matching
ads.stickyadstv.com/ Frame AED0 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=1f2f4917044a5f2f28572734ffc1875&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1f2f4917044a5f2f28572734ffc1875&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2Z41W14XNRYAM6FBX71N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:53 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1f2f4917044a5f2f28572734ffc1875&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632575573720065-427
Expires
Sat, 25 Sep 2021 13:12:53 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:53 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWYyZjQ5MTcwNDRhNWYyZjI4NTcyNzM0ZmZjMTg3NQ==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632575573687073-531
Expires
Sat, 25 Sep 2021 13:12:53 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=5&wv-hit=795551383&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&rn=438369940&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632575574%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925131253%3Au%3A1632575563880604643%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632575574
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:53 GMT
last-modified
Sat, 25-Sep-2021 13:12:53 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 13:12:53 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame E65C 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C9966824327242497849004195953%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
t
t.lkqd.net/ Frame 0D10 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:54 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
showad.js
ads.pubmatic.com/AdServer/js/ Frame 73C3 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C9966824327242497849004195953%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; KRTBCOOKIE_22=14911-7252582830213713426; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7011858668534036631; KRTBCOOKIE_218=22978-YU8gUAAEQinUIAA6&KRTB&23194-YU8gUAAEQinUIAA6&KRTB&23209-YU8gUAAEQinUIAA6&KRTB&23244-YU8gUAAEQinUIAA6; KRTBCOOKIE_466=16530-6cb7c9dc-c4fa-434e-886d-1c7105398e76; SPugT=1632575569; chkChromeAb67Sec=3; SyncRTB3=1633737600%3A220_55_3_22_88_81_99_7_161_8_231_230_222_13_166_189_56_165_71_204_234_176_21_54%7C1633132800%3A15_223_2%7C1633824000%3A35%7C1633392000%3A63%7C1635120000%3A203; KRTBCOOKIE_409=22966-TLYMbhNX8FSGhFoCoYtuXio4; PugT=1632575573; KRTBCOOKIE_594=17105-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003&KRTB&17107-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=97433
expires
Sun, 26 Sep 2021 16:16:47 GMT
date
Sat, 25 Sep 2021 13:12:54 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame E65C 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C9966824327242497849004195953%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:54 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=97433
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Sun, 26 Sep 2021 16:16:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 73C3 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55191790&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
439227d8c9740ccbc415a8d9523451590f46b4c52ad72fecfdfabc40b0b9f774

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
980
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame EC72
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pLHl0XgY1Mu7u05&gdpr=0&gdpr_consent=
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pLHl0XgY1Mu7u05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pLHl0XgY1Mu7u05&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; KRTBCOOKIE_22=14911-7252582830213713426; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7011858668534036631; KRTBCOOKIE_218=22978-YU8gUAAEQinUIAA6&KRTB&23194-YU8gUAAEQinUIAA6&KRTB&23209-YU8gUAAEQinUIAA6&KRTB&23244-YU8gUAAEQinUIAA6; KRTBCOOKIE_466=16530-6cb7c9dc-c4fa-434e-886d-1c7105398e76; SPugT=1632575569; KRTBCOOKIE_409=22966-TLYMbhNX8FSGhFoCoYtuXio4; PugT=1632575573; KRTBCOOKIE_594=17105-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003&KRTB&17107-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003; chkChromeAb67Sec=4; SyncRTB3=1633824000%3A35%7C1633392000%3A63%7C1635120000%3A203%7C1633737600%3A88_7_220_222_56_3_81_13_165_99_166_5_57_230_233_55_8_189_104_22_161_204_176_21_54_231_71_234%7C1637712000%3A69%7C1633132800%3A2_15_223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:54 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:pLHl0XgY1Mu7u05; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:54 GMT; path=/ PugT=1632575574; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 13:12:54 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:54 GMT; path=/
x-lat
lhrpug005:0:757
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sat, 25 Sep 2021 13:12:53 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pLHl0XgY1Mu7u05&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/8a430fa#rel-ec2-master i-036989daef33ebbfa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=pLHl0XgY1Mu7u05; Domain=.w55c.net; Expires=Tue, 25-Oct-2022 13:12:54 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Mon, 25-Oct-2021 13:12:54 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync
match.bnmla.com/ Frame B22C 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 25 Sep 2021 13:12:54 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 0636
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1E004AB5FABD4A84BCF4E2B19FEF125E
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1E004AB5FABD4A84BCF4E2B19FEF125E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1E004AB5FABD4A84BCF4E2B19FEF125E
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; KRTBCOOKIE_22=14911-7252582830213713426; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7011858668534036631; KRTBCOOKIE_218=22978-YU8gUAAEQinUIAA6&KRTB&23194-YU8gUAAEQinUIAA6&KRTB&23209-YU8gUAAEQinUIAA6&KRTB&23244-YU8gUAAEQinUIAA6; KRTBCOOKIE_466=16530-6cb7c9dc-c4fa-434e-886d-1c7105398e76; SPugT=1632575569; KRTBCOOKIE_409=22966-TLYMbhNX8FSGhFoCoYtuXio4; PugT=1632575573; KRTBCOOKIE_594=17105-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003&KRTB&17107-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003; chkChromeAb67Sec=4; SyncRTB3=1633824000%3A35%7C1633392000%3A63%7C1635120000%3A203%7C1633737600%3A88_7_220_222_56_3_81_13_165_99_166_5_57_230_233_55_8_189_104_22_161_204_176_21_54_231_71_234%7C1637712000%3A69%7C1633132800%3A2_15_223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:54 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:54 GMT; path=/
x-lat
lhrpug004:0:502
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 25 Sep 2021 13:12:54 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1E004AB5FABD4A84BCF4E2B19FEF125E
expires
Fri, 24 Sep 2021 13:12:54 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 231F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-_HaVIRqTBF4D-21W9jZtFvHdkw
42 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-_HaVIRqTBF4D-21W9jZtFvHdkw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-_HaVIRqTBF4D-21W9jZtFvHdkw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; KRTBCOOKIE_22=14911-7252582830213713426; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7011858668534036631; KRTBCOOKIE_218=22978-YU8gUAAEQinUIAA6&KRTB&23194-YU8gUAAEQinUIAA6&KRTB&23209-YU8gUAAEQinUIAA6&KRTB&23244-YU8gUAAEQinUIAA6; KRTBCOOKIE_466=16530-6cb7c9dc-c4fa-434e-886d-1c7105398e76; SPugT=1632575569; KRTBCOOKIE_409=22966-TLYMbhNX8FSGhFoCoYtuXio4; KRTBCOOKIE_594=17105-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003&KRTB&17107-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003; chkChromeAb67Sec=4; SyncRTB3=1633824000%3A35%7C1633392000%3A63%7C1635120000%3A203%7C1633737600%3A88_7_220_222_56_3_81_13_165_99_166_5_57_230_233_55_8_189_104_22_161_204_176_21_54_231_71_234%7C1637712000%3A69%7C1633132800%3A2_15_223; KRTBCOOKIE_107=1471-uid:pLHl0XgY1Mu7u05; PugT=1632575574
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:54 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335--_HaVIRqTBF4D-21W9jZtFvHdkw; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:54 GMT; path=/ PugT=1632575574; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 13:12:54 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 13:12:54 GMT; path=/
x-lat
lhrpug005:0:532
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Sat, 25 Sep 2021 13:12:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-_HaVIRqTBF4D-21W9jZtFvHdkw
Set-Cookie
sa-user-id=s%3A0-fbf1da54-846a-4c11-780f-edb55bd8d9b4.bpEzm8eg3rWpGKd2%2F%2BSmnkuH0W9YLoYOUvZ9TL8WHjA; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-fbf1da54-846a-4c11-780f-edb55bd8d9b4%24ip%2491.199.118.76.iSY5jIZCFGq%2FtvIb0ouS0w3pUb0k16uWUmcAmOaTDVY; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 73C3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4b5d0d2d-1e02-11ec-9130-efd842e42202&gdpr=0&gdpr_consent=
1 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4b5d0d2d-1e02-11ec-9130-efd842e42202&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:54 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:724
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4b5d0d2d-1e02-11ec-9130-efd842e42202&gdpr=0&gdpr_consent=
Date
Sat, 25 Sep 2021 13:12:54 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
4b5d0d2e-1e02-11ec-9130-efd842e42202
AdServerServlet
vid.pubmatic.com/AdServer/ Frame E65C 		27 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C9966824327242497849004195953%2C%2C&us_privacy=&cb=1632575574064&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Faltopeanut514&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Faltopeanut514&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-25%2013:12:54&ranreq=0.14555651818759174&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C9966824327242497849004195953%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:54 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:54 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 0D10 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame E65C 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632575575&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:54 GMT
content-length
0
content-type
text/html
ad
v.lkqd.net/ Frame 7F61 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=25805176&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
b778c62f390b73ce29f7bea74b16c242a5b8c70c2429a6ebf918ee313ab8f8d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1359
vpaid.js
ad.lkqd.net/vpaid/ Frame 388B 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632575575.cds167.fr8.hn,1632575575.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame 6B9E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632575575.cds167.fr8.hn,1632575575.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=25805176&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:55 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 388B 		78 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=25805176&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
7bedefffcf02838a79a044b192451f43c6c255a0eab0f1609eeab221e8e12d4d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5277
cs
cs.lkqd.net/ Frame 6B9E 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 6B9E 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 6B9E 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 6B9E 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 6B9E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
pragma
no-cache
date
Sat, 25 Sep 2021 13:12:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 55D1 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:55 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:55 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
/
adx.adform.net/adx/ 		65 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Faltopeanut514
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1994156417&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1994156417&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.h...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1994156417&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=3ab1f524-8f5e-480d-9d1c-b2514029c1c4&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3NTYyOC45NTgyNTI6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTNhYjFmNTI0LThmNWUtNDgwZC05ZDFjLWIyNTE0MDI5YzFjNA==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:55 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1994156417&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=3ab1f524-8f5e-480d-9d1c-b2514029c1c4&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3NTYyOC45NTgyNTI6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTNhYjFmNTI0LThmNWUtNDgwZC05ZDFjLWIyNTE0MDI5YzFjNA==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
/
adx.adform.net/adx/ 		65 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Faltopeanut514&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1379518558&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1379518558&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.h...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1379518558&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=ab167191-2baf-4019-a184-07eb82387009&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3NTYzMy4wNDA3NzE6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWFiMTY3MTkxLTJiYWYtNDAxOS1hMTg0LTA3ZWI4MjM4NzAwOQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:55 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1379518558&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=ab167191-2baf-4019-a184-07eb82387009&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3NTYzMy4wNDA3NzE6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWFiMTY3MTkxLTJiYWYtNDAxOS1hMTg0LTA3ZWI4MjM4NzAwOQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
vadtag.html
vpaid.pubmatic.com/ads/video/ 		993 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17264174335856554807134739027%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
113f17542ae43f85306f3653ec999bdabbae32a971c1619d4a7582605d4d932f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:55 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Sat, 25 Sep 2021 13:12:55 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C10563811595856554807134739027,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
90878add0232efa0532afebc50d4be90776d9a7b1fde5abe9a67d60a9ee1a66d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:55 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632575575611018-407
Expires
Sat, 25 Sep 2021 13:12:55 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C585655480713473902788059254%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2740851a1e6c573874a0cb754f3b92e4ffb10ad970fae81d205a599861ad3137

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:55 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1188
x-sticky-vk
1632575575586035-583
Expires
Sat, 25 Sep 2021 13:12:55 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C58565548071347390271115261264%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b7b3d9f9d512f4864f68406b7e59f1029052becc44de0d456f8c65345f9e258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:55 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1192
x-sticky-vk
1632575575506059-501
Expires
Sat, 25 Sep 2021 13:12:55 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C6210451055856554807134739027,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
50e7a60f0aa95603153f4e8ec767944faab373fb81ddc545b3f2f971b0b559df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:55 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1156
x-sticky-vk
1632575575545046-527
Expires
Sat, 25 Sep 2021 13:12:55 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=235387362&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&p...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=235387362&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.he...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=235387362&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=03c27843-e12f-40f4-8754-95a8a43db99c&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3NTY0My4zNTc0MjI6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTAzYzI3ODQzLWUxMmYtNDBmNC04NzU0LTk1YThhNDNkYjk5Yw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 13:12:56 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
1
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=235387362&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Faltopeanut514&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=03c27843-e12f-40f4-8754-95a8a43db99c&a.is_yahoo=3&redirect_y=dHM9MTYzMjU3NTU3NTY0My4zNTc0MjI6YXBpZD1VUDQ3NDY3NDEwLTFlMDItMTFlYy05ZTA5LTAyNjAyNmJiMjk3YTptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTAzYzI3ODQzLWUxMmYtNDBmNC04NzU0LTk1YThhNDNkYjk5Yw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
48953915
mc.yandex.com/webvisor/ 		43 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=6&wv-hit=795551383&page-url=https%3A%2F%2Fask.fm%2Faltopeanut514&rn=291655345&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632575576%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925131256%3Au%3A1632575563880604643%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632575576
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 13:12:56 GMT
last-modified
Sat, 25-Sep-2021 13:12:56 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 13:12:56 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 55D1 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 388B 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 8EE0 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17264174335856554807134739027%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:56 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame F9CC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17264174335856554807134739027%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A; KRTBCOOKIE_377=6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7; KRTBCOOKIE_391=22924-3196635862961852579&KRTB&23263-3196635862961852579; KRTBCOOKIE_57=22776-4052348112198880942; KRTBCOOKIE_80=22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk; KRTBCOOKIE_153=19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh; KRTBCOOKIE_336=5844-987620221106058175; pp=156498; PMDTSHR=cat:; DPSync3=1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235; KRTBCOOKIE_22=14911-7252582830213713426; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7011858668534036631; KRTBCOOKIE_218=22978-YU8gUAAEQinUIAA6&KRTB&23194-YU8gUAAEQinUIAA6&KRTB&23209-YU8gUAAEQinUIAA6&KRTB&23244-YU8gUAAEQinUIAA6; KRTBCOOKIE_466=16530-6cb7c9dc-c4fa-434e-886d-1c7105398e76; SPugT=1632575569; KRTBCOOKIE_409=22966-TLYMbhNX8FSGhFoCoYtuXio4; KRTBCOOKIE_594=17105-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003&KRTB&17107-RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003; chkChromeAb67Sec=4; SyncRTB3=1633824000%3A35%7C1633392000%3A63%7C1635120000%3A203%7C1633737600%3A88_7_220_222_56_3_81_13_165_99_166_5_57_230_233_55_8_189_104_22_161_204_176_21_54_231_71_234%7C1637712000%3A69%7C1633132800%3A2_15_223; KRTBCOOKIE_107=1471-uid:pLHl0XgY1Mu7u05; PugT=1632575574; KRTBCOOKIE_279=22890-4b5d0d2d-1e02-11ec-9130-efd842e42202&KRTB&23011-4b5d0d2d-1e02-11ec-9130-efd842e42202; KRTBCOOKIE_860=16335--_HaVIRqTBF4D-21W9jZtFvHdkw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=97431
expires
Sun, 26 Sep 2021 16:16:47 GMT
date
Sat, 25 Sep 2021 13:12:56 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8EE0 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17264174335856554807134739027%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:56 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=97431
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Sun, 26 Sep 2021 16:16:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F9CC 		47 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24671783&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
t
t.lkqd.net/ Frame 55D1 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8EE0 		27 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17264174335856554807134739027%2C%2C&us_privacy=&cb=1632575576134&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Faltopeanut514&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Faltopeanut514&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-25%2013:12:56&ranreq=0.12471040382040299&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17264174335856554807134739027%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:56 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 55D1 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 13:12:56 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame 8EE0 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632575577&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:56 GMT
content-length
0
content-type
text/html
ad
v.lkqd.net/ Frame 7F61 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=93116173&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
2e2728871d2db7221ba4cd4da8276a18585d040267ecff505fe470b5dc86dd68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:57 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1359
vpaid.js
ad.lkqd.net/vpaid/ Frame DD9B 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:57 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632575577.cds167.fr8.hn,1632575577.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame 286D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 13:12:57 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632575577.cds167.fr8.hn,1632575577.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=93116173&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.143 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 13:12:57 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame DD9B 		0
0
cs
cs.lkqd.net/ Frame 286D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 286D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 286D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 286D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 286D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 13:12:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7252582830213713426
pragma
no-cache
date
Sat, 25 Sep 2021 13:12:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Faltopeanut514&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=93116173&m=&rtv=1&thost=ask.fm

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect boolean| originAgentCluster function| logError function| $ function| jQuery function| PerfectScrollbar object| Turbolinks function| Cursores object| Utils object| Events object| Browser object| Turbolinkz function| Actions object| Ajax object| Mutex function| Pages object| AjaxUI object| ScrollBar object| AnswerCard object| ProfileTabCounters object| ThreadCounters object| Pager object| Config object| Answers undefined| AskfmAd undefined| Atcomplete undefined| Autofocus object| Flash object| Uploads object| Avatar object| Background object| Form object| Button object| Captcha function| Recaptcha2onLoad object| Checkbox object| ConfirmDialog function| Log object| PositionFixedFocus object| FacebookSharing object| Lightbox object| Yandex object| TrackingGoals object| FormXHR object| Gdpr object| GoogleAnalytics undefined| HoverToActive object| LoginCheck object| MassAsk object| Media object| Notifications object| Offers undefined| Optad360 object| PhotoAnswer object| Photopoll object| PopupCallback object| Pymk object| Pyml object| Questions object| SecretAnswers undefined| ServiceWorkerRemoval object| Stream undefined| Tagcomplete object| Toggle object| Tracking undefined| Viads object| Viewport function| admiral object| googletag string| esSdk function| es function| ym function| 4dm1r11545242527 object| __es_sdk string| f object| Ya object| yaCounter48953915 function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn string| url function| loadVidPlayers function| __tcfapi_8928924878912 object| lkqdSettings object| vpaidLoader function| fbAsyncInit object| dataLayer object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| AdSlotCollection object| regeneratorRuntime object| pbjs325474 object| gaplugins object| gaGlobal object| gaData object| __oa360ScriptsState boolean| __isGoogleAllowed function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| sas object| apntag object| _ADAGIO function| AdPlayerPro object| DMVAST function| playerPro

126 Cookies

Domain/Path Name / Value
ask.fm/ Name: locale
Value: de
ask.fm/ Name: uuid
Value: 7212ab51-33a2-454e-ab85-3fd71008cf91
ask.fm/ Name: country
Value: DE
.ask.fm/ Name: _ym_uid
Value: 1632575563880604643
.ask.fm/ Name: _ym_d
Value: 1632575563
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2335438399fake
.ask.fm/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2904487300fake
.yandex.com/ Name: yandexuid
Value: 2718655471632575563
.yandex.com/ Name: yuidss
Value: 2718655471632575563
mc.yandex.com/ Name: yabs-sid
Value: 1946015881632575563
.yandex.com/ Name: i
Value: u1FKksPOhi1oNBaqEHmciOPP/DkXHctPUQflUhHoWu/CUJQGrP/jXVTfmEoYPo9uNBXtTPPIQHtpxdzmicwSCvwrpHU=
.yandex.com/ Name: ymex
Value: 1664111563.yrts.1632575563#1664111563.yrtsi.1632575563
.ask.fm/ Name: _ym_visorc
Value: w
.bidswitch.net/ Name: tuuid
Value: 6cb7c9dc-c4fa-434e-886d-1c7105398e76
.bidswitch.net/ Name: c
Value: 1632575563
.bidswitch.net/ Name: tuuid_lu
Value: 1632575563
ads.stickyadstv.com/ Name: UID
Value: 1f2f4917044a5f2f28572734ffc1875
ads.stickyadstv.com/ Name: sessionId
Value: 6b7cea60b4d1b0a2e83ec67a2bb3843
.adsrvr.org/ Name: TDID
Value: 2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9
.turn.com/ Name: uid
Value: 7252582830213713426
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003%22%7D
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzNTE2NzU2M30sIlVOIjp7InVpZCI6IlJYLWM5MWExZDBmLTgxYTAtNDI1OC1hODMxLTllY2YxZThlMjE4My0wMDMiLCJleHBpcmVzIjoxNjM1MTY3NTYzfX19
.ask.fm/ Name: _awl
Value: 2.1632575563.0.4-f8f33467-be4e44a596c124b41b0db1ca0ab80ce3-6763652d6575726f70652d7765737431-614f204b-0
.ask.fm/ Name: _ga
Value: GA1.2.439242087.1632575564
.ask.fm/ Name: _gid
Value: GA1.2.933855381.1632575564
.ask.fm/ Name: _gat_UA-12308109-15
Value: 1
ask.fm/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: 1c5515e0-a932-510c-8278-6f2ce3374f60
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 259837=4592952
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1313506140%3B%24ql%3DUnknown%3B%24qpc%3D76726%3B%24qt%3D25_1767_24818t%3B%24dma%3D0&c=1&l=926403020&lo=960306011&lt=637681795642986102&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1313506140%3B%24ql%3DUnknown%3B%24qpc%3D76726%3B%24qt%3D25_1767_24818t%3B%24dma%3D0
ask.fm/ Name: cto_bidid
Value: FtsN3F9SR0R0QUhWR0NFZG51aW5nS0gyYWxTbkF3TnI2Q2ZLcGFoQ2g4N25PdE0lMkZYTHI1Uzc4eDhrOWUyUHE3cWd5WGk4U0FOOWdLSWNtRHQ3U1FOcDlhQmt3JTNEJTNE
ask.fm/ Name: cto_bundle
Value: 5iQipV8lMkJDQTlxejJybm9NJTJGdG55d0hJNUMxemw4QjhzYmlPaWQ1SHdkOGZMZEJtJTJGVXBTbVhwSDVlTlhBcHZyZ1hnZThISkFyTDk5MlVSZUZ0NTcwVTVxQ0NlejhQTTY4QWMySDklMkY2UzJnVnJJc3hrJTNE
.quantumdex.io/ Name: uid
Value: c990a07e-7621-452b-bf46-088b1ee35109
prebid.a-mo.net/ Name: __amc
Value: 1_1632575564_1632575564
.a-mo.net/ Name: amuid2
Value: 32e092a3-32a2-43ee-b676-ef022766cbbf
.openx.net/ Name: i
Value: 4725cff0-1703-0238-225d-6cd269a80b3c|1632575565
.openx.net/ Name: v
Value: 1
.openx.net/ Name: pd
Value: v2|1632575565|gu
.spotxchange.com/ Name: audience
Value: 45d862b7-1e02-11ec-9486-1ef5e1e50006
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FEBD6FAA-B157-4EBD-83CA-1F7509D65B1A
.doubleclick.net/ Name: IDE
Value: AHWqTUl6fKpSycRwJpavRHUKuNiZSCX3uu1Eb7yoYaDbspoR-0YFu2qwR9CWrcGmfXM
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwim7LushoyAOhAFGAEgASgCMgsIpuS-2ZyMgDoQBTgBWghwdWJtYXRpY2AC
.simpli.fi/ Name: suid
Value: 1E004AB5FABD4A84BCF4E2B19FEF125E
.quantserve.com/ Name: d
Value: EM4BCwGqJPijAA
.quantserve.com/ Name: mc
Value: 614f204d-f3b90-15f90-75324
.onaudience.com/ Name: cookie
Value: ef3ad7e78df28ba1
.onaudience.com/ Name: done_redirects161
Value: 1
.mathtag.com/ Name: uuid
Value: ba1c614f-204d-4600-9bd5-42180ca7e8a4
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid2
Value: 1.987620221106058175
.adform.net/ Name: uid
Value: 3196635862961852579
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&22918-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9&KRTB&23031-2c1d5523-a2bd-4cb4-b550-670b7c6cbfb9
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&16736-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23019-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7&KRTB&23114-uid:a41c614f-204d-4e00-82b5-82420cc0a8a7
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3196635862961852579&KRTB&23263-3196635862961852579
.adnxs.com/ Name: uuid2
Value: 8927850195643254724
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4052348112198880942
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&16514-CAESEAMN9GLynvTCPFX3wlg9Stk&KRTB&23025-CAESEAMN9GLynvTCPFX3wlg9Stk
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh&KRTB&22979-3TmqINk4qiLGbq0k0jizd95up3bGP6t12Twy2EZh
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-987620221106058175
.exelator.com/ Name: EE
Value: "318d9fe07b519d1d04ab4ef3667bdd31"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHY0CLFMi3VwDzJ1NAyxTDFwCQxySQ1zdjMzDwpJcXYcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJySX5RZvoiF9fFRSlpDItKik8F7%252BPrBgCK4Snz"
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
ads.stickyadstv.com/ Name: pxId
Value: 7169
.connectad.io/ Name:
Value: cadsync
.advertising.com/ Name: APID
Value: UP47467410-1e02-11ec-9e09-026026bb297a
.casalemedia.com/ Name: CMID
Value: YU8gT.8YpUffu51V2cqPtAAA
.casalemedia.com/ Name: CMPS
Value: 5227
.casalemedia.com/ Name: CMPRO
Value: 1137
.casalemedia.com/ Name: CMST
Value: YU8gT2FPIE8A
.prebid.a-mo.net/ Name: plur_sv2_pubmatic
Value: 1632575567
.prebid.a-mo.net/ Name: plur_sv2_0
Value: 1632575567
.lijit.com/ Name: ljt_reader
Value: ccf92b5941375174c26fa655
.yahoo.com/ Name: A3
Value: d=AQABBE8gT2ECECbGJBsDxW9bxS79FV3VxdQFEgEBAQFxUGFZYQAAAAAA_eMAAA&S=AQAAAniZrJIfmgEAScHr0Gsnaog
.adsniper.ru/ Name: uuid3
Value: IiQ0NzU3NTA2Mi0xZTAyLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.yahoo.com/ Name: APID
Value: UP47467410-1e02-11ec-9e09-026026bb297a
.yahoo.com/ Name: APIDTS
Value: 1632575567
.prebid.a-mo.net/ Name: plur_sv2_2
Value: 1632575567
.bumlam.com/ Name: suuid3
Value: IiQ0NzU3NTA2Mi0xZTAyLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.sharethrough.com/ Name: stx_user_id
Value: cbdca909-bc2e-4a8f-ba01-f245dc58bf85
.adhigh.net/ Name: gi_u
Value: jsds7aivMM.AikABlF8HRY3uw
.prebid.a-mo.net/ Name: plur_sv2_3
Value: 1632575567
.id5-sync.com/ Name: id5
Value: a5466f81-4c86-4cc6-8f67-648349285b80#1632575564431#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.prebid.a-mo.net/ Name: plur_sv2_verizon_video
Value: 1632575567
ask.fm/ Name: _m_ask_fm_session
Value: RnZWVUdoMFcvQ0J5UUliMjM1cEkvRTBwSFhsRXpjbkNiK2VTSitseStRN0VzcDIxeUhiMWJ4VzhYcEM0c0tIRXYyemhZc3RkSWFXWGk5dUg4SWp1eUZudENVZm5CYkNXSGFEQkp5a0dxWVdqUkJYcnJjTGhGTjV5eWhaL05NVEZFRVBDZHM0blFMVGdEUEE2MStGOHpIQVkraGFCZ3RkME81S0RHVDFpYkRYRHFZMzEvUTlYUXZKNTczeitGVkl1YmFPREh2R25JN01JMjR5REswRlg1aEpYZFNtVkNtZWlFaHBRbDExWlN2VDZDWkt3Y1d4Z3RCQnFNaGZ4djB6cy0tNWN1VGhsd05VZFZ6MmFMQS9HODltUT09--b27617edb5cb8fad85b096b13b5d7fe32554e362
ms.quantumdex.io/ Name: qdsp_uid
Value: 61a46153-8193-4dcb-a444-6f5fc56358de
.ads.pubmatic.com/ Name: KCCH
Value: YES
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
ads.stickyadstv.com/ Name: uid-bp-159
Value: 1
.adhigh.net/ Name: btw_sync
Value: IcE
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1632614400%3A174%7C1633737600%3A201_197_219_221_226_227_235
.pubmatic.com/ Name: SyncRTB3
Value: 1633132800%3A15_223_2%7C1633824000%3A35%7C1633392000%3A63%7C1633737600%3A13_8_220_55_21_54_7_3_81_56_161_71_22_166%7C1635120000%3A203
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c91a1d0f-81a0-4258-a831-9ecf1e8e2183-003%22%7D
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 6c2f404e19a88095d798a5f2c0e1aa2c
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEs2SjMxMEk1tEy0sDCwNE0xt7RINE0zSjZINUxMNEpmAIJEfwV%2FEA0FAEe9CgE%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI9FfwB1JQAAAOSAEg"
.analytics.yahoo.com/ Name: IDSYNC
Value: "192w~20lp:192x~20lp:18z8~20lp"
pool.admedo.com/ Name: tuuid
Value: 5777dea3-8fa8-490c-bd66-41eb7e460022
pool.admedo.com/ Name: c
Value: 1632575567
pool.admedo.com/ Name: tuuid_lu
Value: 1632575567
.bidr.io/ Name: checkForPermission
Value: ok
.betweendigital.com/ Name: ut
Value: YU8gTwAOPIjCgdND-lzwWJO90On3dOCBfioxzQ==
.casalemedia.com/ Name: CMRUM3
Value: 27614f204f0b40&2d614f204f2760CAESENv6bS-zEYs8_ronTLUPGYA&29614f204f05a0&dd614f204f2760&e6614f204f2760&82614f204fa8c0&f1614f204f05a0&04614f204f27607252582830213713426&ce614f204f05a0
.pubmatic.com/ Name: SPugT
Value: 1632575567
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7252582830213713426
.pubmatic.com/ Name: PugT
Value: 1632575567
.adfarm1.adition.com/ Name: UserID1
Value: 7011858668534036631
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent

9 Console Messages

Source Level URL
Text
network error URL: https://ask.fm/altopeanut514
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9407.d8J2rl4FBnTh7UFITl6Hy1RnKFf1dwPFqXrhB_4fcLWuRtxveJR0wLq6iv-KNtEbfZqfLdbHkXuJbSj2O1W68Q%2C%2C.wuZvn-hM2858jslVTn06-NrkBJs%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://ask.fm/altopeanut514
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Faltopeanut514&cb=1325996002&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C2225618525224100008109147015,,') from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ask.fm/altopeanut514
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://ask.fm/altopeanut514
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://an.yandex.ru/setud/adsniper/42d751cbed1f82cd?redir-setuniq=1&sign=3661354027
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7e1d5.v.fwmrm.net
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
acdn.adnxs.com
ad.lkqd.net
ad.turn.com
ad4m.at
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adx.adform.net
aktrack.pubmatic.com
an.yandex.ru
ap.lijit.com
ask.fm
aud.pubmatic.com
bcp.crwdcntrl.net
c1.adform.net
cache.betweendigital.com
cdn.connectad.io
cdn.jsdelivr.net
cdn.stickyadstv.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
colossalcoat.com
connect.facebook.net
cs.lkqd.net
csync.loopme.me
d16vsmxl4d5tw1.cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d5p.de17a.com
dbq8hrmshvuto.cloudfront.net
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
esputnik.com
eus.rubiconproject.com
get.optad360.io
green.erne.co
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
js-sec.indexww.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mc.yandex.com
mc.yandex.ru
ms.quantumdex.io
mug.criteo.com
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.adhigh.net
r.scoota.co
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
serving.stat-rock.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
t.lkqd.net
token.rubiconproject.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
useast.quantumdex.io
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
visitor.fiftyt.com
vop.sundaysky.com
vpaid.pubmatic.com
vpaid.springserve.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
ads.stickyadstv.com
c1.adform.net
cm.g.doubleclick.net
v.lkqd.net
104.109.78.125
141.95.3.40
142.250.186.130
146.20.132.143
146.20.132.148
146.20.132.52
146.59.148.16
147.75.38.124
151.101.130.49
151.101.65.108
151.101.65.44
151.139.128.11
151.236.71.82
154.59.122.79
159.253.128.188
159.65.196.12
162.55.6.211
173.231.180.197
178.162.133.149
178.250.2.146
178.250.2.151
18.156.0.31
18.159.118.206
18.185.243.227
184.31.84.150
185.183.112.148
185.29.134.248
185.33.220.242
185.33.221.89
185.64.189.114
185.64.189.229
185.64.190.75
185.64.190.78
185.64.190.80
185.86.138.121
185.94.180.124
188.165.4.142
193.138.77.146
193.232.148.149
2.18.233.180
2.18.234.21
2.18.234.233
2.19.35.65
2001:4de0:ac19::1:b:2a
2001:678:cb4:bbbb::11
2001:6d0:4001::226
209.54.177.54
213.155.156.185
213.19.147.45
216.52.2.39
23.111.200.118
2600:9000:223c:800:6:b871:4f00:93a1
2600:9000:223d:3a00:11:3771:2e40:21
2600:9000:223e:d400:13:811c:e440:21
2600:9000:2240:c200:15:6f6c:b180:93a1
2600:9000:2251:4800:c:d85b:b300:21
2600:9000:225e:c200:11:a4de:2580:93a1
2606:4700:10::6816:1857
2606:4700:10::ac43:2ac6
2606:4700:10::ac43:8ae
2606:4700:20::681a:ad1
2606:4700::6812:d05
2606:4700::6812:ea1
2607:ae80:5::49
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c08::9a
2a02:2638::1c
2a02:6b8::1:119
2a02:6b8::90
2a02:fa8:8806:16::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::300
2a04:4e42::485
2a05:d018:ac8:b900:f121:163b:7bd1:59c
3.120.211.246
3.125.99.7
3.126.175.244
3.129.250.65
3.141.243.179
3.217.216.1
3.68.1.119
31.172.81.158
31.172.81.160
31.172.81.172
34.206.192.53
34.239.198.206
34.253.109.165
34.98.107.212
34.98.64.218
34.98.67.61
35.201.96.126
35.201.96.133
35.210.53.219
37.157.4.28
37.157.6.251
38.27.122.158
38.91.45.7
44.194.177.202
51.89.9.254
52.208.41.69
52.209.141.213
52.28.33.143
52.44.53.247
52.57.48.21
54.77.6.213
54.78.254.47
66.155.71.149
69.173.144.165
76.223.111.131
77.243.60.138
82.145.213.8
85.114.159.118
89.108.119.28
95.217.114.174
99.80.151.46
01f5caba89975bb90734854ce526fdcefe9133146131e4399bd6990bc403c856
04a5c3929b45f8cfac7fb2fb1da040c0025cc14c915d06998341df2478a0d3b8
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
07d140e4095dbf0e94f48de1afe2802a5ca80294391021e5eb3d179008e3c154
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a76103406e7e58113441df8f2771a0f85544abb8f4abbf2ada5639b7326b659
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5fc75c7cc27f9fce0ab8932a7603dfd821a401816c869eb3c3f3c7df375ec6
0d6e6632c1c470267effb425ec149b9354d6d6a7da858f8be7d927045eb02605
0df33bbf056c61ab7c3c2d0bbfe612a27d73899ff4e9379a65592d3894209531
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
105c64b2f4e05e10b46c300fe20b3f437ef3d5001aba724b0afce53df1aa49ea
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
113f17542ae43f85306f3653ec999bdabbae32a971c1619d4a7582605d4d932f
13f351236eb5f443736b5b6fa5ce23460e0a12d82722840fea865c90fb0ca947
142613c9f77bca8b28ce502b83a412e3b65e3f7cf39779d2574a0c84beea34d6
1749a7be158b3b2b580581409bfb965170d3d6bda8300e4e72798ffd0c520c98
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a1792b88ac5d490a1f628c3f1aca8f9914e93d27b92473430cb895f5d950f9
1afc2b50436db59bfc667a608d21b51d7865628c8e20dfb816648ea2bb702a93
1bc00bb1c55ec57faf9147bc31e205478a39ff0f5c4077ea8e61cbddbb1b7c99
2159cce3f11b76a8e92d490b1dfa6c5e7acd330eb75d44ff3dfbe9107229d81a
229114c7da680c5754f79632cbcc36bdf0832ee6ff95a957eb59591f7bb03500
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2740851a1e6c573874a0cb754f3b92e4ffb10ad970fae81d205a599861ad3137
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae66a14d2719ef431b2a12c42371178f9106a06e2d77ca73aaf94c42708aba7
2bbe871c732e3d6a80d1c16d299bb5359048c2455d6afb8c53df852be0ca7fa4
2de6a5c68add58b2ecece8047495cca72871b4155e9d701d45e9620d44160ead
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2728871d2db7221ba4cd4da8276a18585d040267ecff505fe470b5dc86dd68
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a39ee37659a4d38954b8fb0ed164bf5ee9114aa32cf5c64f7e790fb08b844a
30b0f5ab04d24ee07e8852dfd155fe964e0c8ee1d2efdc2c06fa88450cbc48db
314f77ceb6eeb867506034066927d975a3619c9decd8a952150949f822e1d6ff
32d509af247e77213914f337d5aca5a56c0b7fcb3888821d4c2cfd68a7d2e851
32e9e6a1294468cc9af289c7c429fe80926e23c3074012d07bb424cf135aa11b
33ad61b981423855627cbdbb04d5af871f33b2ab236b4a83677af032f3ab4988
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7b9152d32734b5c103b914373802fb284954be73b0669814be4999a7d52dc0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
439227d8c9740ccbc415a8d9523451590f46b4c52ad72fecfdfabc40b0b9f774
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49cd4f02b93e35a05cd40e73e37f9a9b48e35b67c983f4b2fc737eaa46f18617
4aece76c8b53523abc6c7642fe7c2d2cd075cad799c92eea09356ceeae2d12b4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
4e7319f8ff0f923e2ce6a2f45f74e44bbf0dfadea838622f297f2af25d9999e9
4f3552801b441666b9d584a2f7170a21117877d1b8127e4aed9ebb10e14be1ca
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50e7a60f0aa95603153f4e8ec767944faab373fb81ddc545b3f2f971b0b559df
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f985c3d95828387a6f6b849967cca181390bee6da483faa8ee301b871c5e0e
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5e478cfc8a02406a1d4faa9ef917ed50aeda52efa3baa501357cf56c382e5db9
5f92887259fd8c11e568ccffd8e8027bc11621beb41f858b3a5a604974d83c9b
624e3a8a4fccdc7226542878c9e3332b48be58c42e4c7215494d24ea9d6555d7
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64c7407a3b9548eec5138fc967b065c1df48b277bf8436496c2bf871f8a4cef3
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68bbd771eecb76f98639a65674facba6df78abad6550a712aff0d30fefe11c71
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb357f0dfb332bb81d3cbd3854e2dd6173964ebd57892914a506f89db45176d
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6ddb1c007f4d1d0158b68c9c17475e0e10e92ed653e2a802aaed0d9738b18476
6ebbbdec0dd6bbb6788f0c94a09553e234b389bb97ac8814c40b3c5bb1a7499b
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a2b9a9375f9ea27cb98d1bcd8181da509b505992571d8d58833cc9e0abba4ce
7bedefffcf02838a79a044b192451f43c6c255a0eab0f1609eeab221e8e12d4d
7cb4560c15852d4f239dbe2b2fb095b3e1dcd15086b7a4307d42ae1e6c20c139
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e05d93a1d37f503d61a6549642faf2b4d8088ce93651e6ce3f26e3a931db647
7eaac54d73762c2abae7d0bc38738444aa75b28aa57bfb923882a9fba7f73f4c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fef164b42aecb550a407034cf9da06181795d563ec381c01153dc743bbb35a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d766a9a8cba29e030ed823e1cb7797fe855542c31cfa6e8786738cc4ee9172c
8dce90c8d06a68d557afc87d1783527292438bda3950121393107dcb663dae07
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
903bc9d65c961b9bd151aacfdc026226b0888b0c3bab67dfff1e103f6628defd
90878add0232efa0532afebc50d4be90776d9a7b1fde5abe9a67d60a9ee1a66d
93ac3ea7b416e629030cc10f62f72533869a5679a1e2b4c20106ab6ff90d1e89
93cff6995d60ec3d36611f197cbf8bdcde74aa2e62d6091fe877d0e5055346c8
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
95e7cdf926f95f951c9a69cddc9580b4f04d2723c1d4955b6feb60171d1d3f9f
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99de1d50a2476ef2e1ccd8f8ea6102fbb9bccfba323d5cf6e2e8e2b49382b0c5
9b7b3d9f9d512f4864f68406b7e59f1029052becc44de0d456f8c65345f9e258
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08aba11eb61d250c65f1ce34b25789f47e322460a0ba713c42b6ba2748610e4
a1e61e25a8d3c73dc3a12335b46289e342350862e3bd84102ae4634fe36b6809
a2a99b63ce445487b07d30f5aafc926e52180947cd156027c3e98cd9bad97427
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4e2bf2da0da000436ea0e355dfd3a4c2e8da9195db519512fe8c6dc312033e2
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad197b69029f51b0fda3a18915d39d375430b314eb82551e5388120efa1e108f
adbc9685db0316498266b865741db1abdf081c46302e93cd65c92dd641cff408
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b6bdf5541c4de4f4aebb17419bc7fc9bd406b1785729f912bd4b5138f0ef9803
b778c62f390b73ce29f7bea74b16c242a5b8c70c2429a6ebf918ee313ab8f8d7
b7e6cef2761bf01e8659ae76d9783100e16d3b893510ab94a6e2ac7eb40377fc
b81f4c7a44abb261a20210f925bf126d839d0e730d34976f5deae7e13bb6f295
b83d2ea80784c796b721c442b1a443b6c4a44a483bec7d9559c52e9e295a260c
b8918cf58614d09642498594f4a082de9eb9b07df0419fd70acd1207b79da8de
ba6ea4d92a71a77082b60c3541215068fe83a64339a48725f91b5f7a44ca0650
bc48ed93567fdd17b88530b500a6e8f04fc3060039be1f962c399e15c75c990c
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c0c98b6e944165a7d7541eb7a6aee5e3ccfa60afd9a20ccccd63b00832c9ee33
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c325f1778c0ee3e96d486ec7f8a42be00abcbc8021ab2f3895cb9e3e32b3baa1
c49180dd4513722816e22e64008fa55999b34dce5eea9c0f6ec1a68544fb240e
c554bac50b53c2727fba8263520eefa48b3cd84500878309dd5d24f7ada47bb1
c6dc5ae6970d1eb42628f77cddb9fbec3bbe5f5d68f7d5bd4de57d7090e00159
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb5f6cd5f76e896701dee7fafda790aba483b7f9807c6b1fadadf6fee2429357
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d82c4f6cf5fc74227860fbeafbd157a5e5205f761cc1285b3d427a48ce6658a3
d9223317540e41ae188075f793640d1251a6c92d22dca8195b231a14e1203d29
d94086f66bff1b88f20ab11646cc44d6c85e20d701c44ebb1da3f340227ac694
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383
df1a70cfdd7e2672bc7cce12b5bece1e6bbc6339d2b6a96c9b7d262c880f4b51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f35eb63af5172e2882f9880d0668b3517869ae1dcf15cec3b5b4ebd506ffb544
f5daebcd751b921440ab5818108ea8c2cbc3e54e7591be583271e54c2725cf5f
fb1a05bfb600c2fdb8e9c607fceac93b27cb4bad0bc9fdce329c85015ea63771
fc33f6ee19c23a5e87c5e5a4d03942bc814f36792b9a87b5bb7329db74edac8c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62