urlscan.io logo urlscan.io
SecurityTrails logo

ask.fm Open in urlscan Pro
193.138.77.144  Public Scan

Go To Rescan Add Verdict Report
URL: https://ask.fm/dimpleleaf174
Submission: On September 25 via manual from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 14 countries across 90 domains to perform 289 HTTP transactions. The main IP is 193.138.77.144, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 15th 2021. Valid for: a year.
This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 193.138.77.144 395754 (ASK-FM)
6 143.204.101.57 16509 (AMAZON-02)
1 3.129.250.65 16509 (AMAZON-02)
3 35.201.96.133 15169 (GOOGLE)
1 63.33.134.133 16509 (AMAZON-02)
3 10 77.88.21.119 13238 (YANDEX)
19 143.204.101.224 16509 (AMAZON-02)
6 143.204.101.165 16509 (AMAZON-02)
1 52.19.174.220 16509 (AMAZON-02)
8 151.139.128.11 20446 (HIGHWINDS3)
3 3 66.155.71.25 13768 (COGECO-PEER1)
1 1 34.254.143.3 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
3 3.123.90.134 16509 (AMAZON-02)
1 3 143.204.98.125 16509 (AMAZON-02)
11 11 18.194.4.47 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
4 4 213.19.147.44 3356 (LEVEL3)
3 4 13.248.242.197 16509 (AMAZON-02)
4 18 2.18.234.233 16625 (AKAMAI-AS)
7 146.20.132.69 27357 (RACKSPACE)
10 19 146.20.128.78 27357 (RACKSPACE)
7 14 142.250.184.226 15169 (GOOGLE)
1 3 47.252.78.131 45102 (CNNIC-ALI...)
2 2 8.2.110.134 46636 (NATCOWEB)
2 34.246.212.58 16509 (AMAZON-02)
4 4 46.228.164.11 56396 (AMOBEE)
22 146.20.132.94 27357 (RACKSPACE)
1 1 54.209.16.83 14618 (AMAZON-AES)
1 1 34.107.184.81 15169 (GOOGLE)
2 193.0.160.128 54312 (ROCKETFUEL)
2 2 104.18.12.5 13335 (CLOUDFLAR...)
4 4 52.17.150.98 16509 (AMAZON-02)
6 37.157.6.252 198622 (ADFORM)
2 185.94.180.124 35220 (SPOTX-AMS)
4 5 35.159.45.88 16509 (AMAZON-02)
2 4 212.82.100.176 34010 (YAHOO-IRD)
4 4 54.93.133.131 16509 (AMAZON-02)
4 7 3.126.56.137 16509 (AMAZON-02)
1 3 34.98.64.218 15169 (GOOGLE)
2 31.13.92.14 32934 (FACEBOOK)
1 142.250.184.200 15169 (GOOGLE)
1 143.204.98.119 16509 (AMAZON-02)
2 143.204.98.6 16509 (AMAZON-02)
1 31.13.92.36 32934 (FACEBOOK)
2 142.250.184.238 15169 (GOOGLE)
1 172.253.120.154 15169 (GOOGLE)
2 178.250.0.157 44788 (ASN-CRITE...)
1 104.16.86.20 13335 (CLOUDFLAR...)
2 104.18.15.161 13335 (CLOUDFLAR...)
1 184.31.84.150 16625 (AKAMAI-AS)
1 185.86.138.32 201081 (SMARTADSE...)
4 15 37.252.173.27 29990 (ASN-APPNEX)
1 8 96.46.186.57 7979 (SERVERS-COM)
1 12 104.22.57.126 13335 (CLOUDFLAR...)
3 104.22.55.206 13335 (CLOUDFLAR...)
6 147.75.38.124 54825 (PACKET)
5 51.89.9.254 16276 (OVH)
1 143.204.98.82 16509 (AMAZON-02)
7 2.18.233.180 16625 (AKAMAI-AS)
2 185.64.190.78 62713 (AS-PUBMATIC)
3 5 37.157.2.239 198622 (ADFORM)
2 2 213.155.156.182 1299 (TWELVE99 ...)
1 15 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
3 3 185.29.134.248 30419 (MEDIAMATH...)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 169.50.137.190 36351 (SOFTLAYER)
1 2 91.228.74.133 16509 (AMAZON-02)
1 185.64.190.75 62713 (AS-PUBMATIC)
1 3.128.15.210 16509 (AMAZON-02)
4 205.185.216.10 20446 (HIGHWINDS3)
1 4 52.46.154.242 16509 (AMAZON-02)
6 95.217.114.174 24940 (HETZNER-AS)
2 2.18.232.130 16625 (AKAMAI-AS)
3 12 2.18.234.21 16625 (AKAMAI-AS)
4 4 72.251.249.13 29791 (VOXEL-DOT...)
2 2 193.232.148.141 48061 (UMA-TECH-AS)
7 8 31.172.81.160 44066 (DE-FIRSTC...)
1 151.236.71.82 204720 (CDNETWORKS)
1 35.171.36.131 ()
1 35.244.174.68 15169 (GOOGLE)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 185.183.112.148 60350 (VP)
2 2 135.125.160.160 16276 (OVH)
2 178.162.133.149 60781 (LEASEWEB-...)
1 2 51.89.42.88 16276 (OVH)
1 1 35.158.223.21 16509 (AMAZON-02)
1 37.252.173.215 29990 (ASN-APPNEX)
1 52.18.12.237 16509 (AMAZON-02)
1 1 52.205.151.180 ()
1 52.30.200.197 ()
1 192.132.33.46 ()
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 185.86.137.133 ()
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 ()
1 2 77.243.60.138 42697 (NETIC-AS)
1 104.22.25.87 13335 (CLOUDFLAR...)
1 2 3.213.248.174 ()
1 63.215.202.137 41041 (VCLK-EU-SE)
2 2 151.101.2.49 54113 (FASTLY)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 49.12.13.182 ()
2 18.158.198.224 ()
2 2 89.108.119.43 ()
1 1 31.172.81.172 ()
1 1 2.19.35.65 ()
2 104.109.78.125 ()
1 69.173.144.165 ()
1 2 194.226.130.227 ()
1 172.67.8.174 ()
289 83
3    193.138.77.144 (Latvia)

ASN395754 (ASK-FM, US)
ask.fm
6    143.204.101.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-57.fra50.r.cloudfront.net
d3r6ceqp4shltl.cloudfront.net
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
3    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
colossalcoat.com
1    63.33.134.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-134-133.eu-west-1.compute.amazonaws.com
esputnik.com
10    77.88.21.119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
19    143.204.101.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-224.fra50.r.cloudfront.net
d16vsmxl4d5tw1.cloudfront.net
6    143.204.101.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-165.fra50.r.cloudfront.net
dbq8hrmshvuto.cloudfront.net
1    52.19.174.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-174-220.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
8    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
3    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadm.exelator.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
3    3.123.90.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
a.vidoomy.com
3    143.204.98.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net
sb.scorecardresearch.com
11    18.194.4.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
4    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
18    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
7    146.20.132.69 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
19    146.20.128.78 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
14    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
3    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
2    34.246.212.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
c.deployads.com
4    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
22    146.20.132.94 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
1    54.209.16.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-16-83.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    34.107.184.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.184.107.34.bc.googleusercontent.com
nxd.adhaven.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    104.18.12.5 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    52.17.150.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-150-98.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
6    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
adx.adform.net
2    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
5    35.159.45.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-45-88.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
4    212.82.100.176 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
4    54.93.133.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-133-131.eu-central-1.compute.amazonaws.com
pixel.advertising.com
7    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
vidoomy-d.openx.net
2    31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net
connect.facebook.net
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
1    143.204.98.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-119.fra50.r.cloudfront.net
cmp.optad360.io
2    143.204.98.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-6.fra50.r.cloudfront.net
get.optad360.io
1    31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com
www.facebook.com
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
1    172.253.120.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wd-in-f154.1e100.net
stats.g.doubleclick.net
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    104.18.15.161 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
15    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
8    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
12    104.22.57.126 (None, )

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
3    104.22.55.206 (None, )

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
6    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net
vpaid.springserve.com
7    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.182 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
15    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
1    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
1    3.128.15.210 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-15-210.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
4    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
cdn.stickyadstv.com
4    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    95.217.114.174 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: ap10.adplayer.pro
serving.stat-rock.com
2    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
12    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    193.232.148.141 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.sender.ltmse.com
px.adhigh.net
8    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
sync3.adsniper.ru
1    151.236.71.82 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
1    35.171.36.131 (None, )

ASN- ()
rtb.adentifi.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
2    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    51.89.42.88 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p27.id5-sync.com
id5-sync.com
1    35.158.223.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-223-21.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    52.18.12.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    52.205.151.180 (None, )

ASN- ()
nep.advangelists.com
1    52.30.200.197 (None, )

ASN- ()
dpm.demdex.net
1    192.132.33.46 (None, )

ASN- ()
bttrack.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    185.86.137.133 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    104.22.25.87 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    3.213.248.174 (None, )

ASN- ()
a.audrte.com
1    63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-usadmm.dotomi.com
pubmatic-match.dotomi.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    49.12.13.182 (None, )

ASN- ()
bidswitch-eu.splicky.com
2    18.158.198.224 (None, )

ASN- ()
ads-eu.v.ssp.yahoo.com
2    89.108.119.43 (None, )

ASN- ()
x01.aidata.io
1    31.172.81.172 (None, )

ASN- ()
sync3.sniperlog.ru
1    2.19.35.65 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    104.109.78.125 (None, )

ASN- ()
eus.rubiconproject.com
1    69.173.144.165 (None, )

ASN- ()
token.rubiconproject.com
2    194.226.130.227 (None, )

ASN- ()
www.tns-counter.ru
1    172.67.8.174 (None, )

ASN- ()
sync-eu.connectad.io
Apex Domain
Subdomains		 Transfer
56 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net
224 KB
31 cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d16vsmxl4d5tw1.cloudfront.net
dbq8hrmshvuto.cloudfront.net
693 KB
28 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
aud.pubmatic.com
94 KB
22 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
300 KB
18 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
48 KB
15 doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
3 KB
13 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads-eu.v.ssp.yahoo.com
11 KB
12 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
2 KB
11 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
13 KB
11 adform.net
adx.adform.net
c1.adform.net
6 KB
11 bidswitch.net
x.bidswitch.net
5 KB
9 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
7 KB
9 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
5 KB
8 yandex.com
mc.yandex.com
2 KB
6 bumlam.com
sync.bumlam.com
3 KB
6 stat-rock.com
serving.stat-rock.com
97 KB
6 a-mo.net
prebid.a-mo.net
1 KB
5 onetag-sys.com
onetag-sys.com
3 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 lijit.com
ap.lijit.com
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 connectad.io
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
2 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 turn.com
ad.turn.com
2 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
7 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 criteo.com
gum.criteo.com
dis.criteo.com
924 B
3 optad360.io
cmp.optad360.io
get.optad360.io
565 KB
3 openx.net
vidoomy-d.openx.net
1010 B
3 clientgear.com
event.clientgear.com
430 B
3 1rx.io
sync.1rx.io
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
1 KB
3 sitescout.com
pixel-sync.sitescout.com
2 KB
3 colossalcoat.com
colossalcoat.com
30 KB
3 ask.fm
ask.fm
43 KB
2 tns-counter.ru
www.tns-counter.ru
706 B
2 aidata.io
x01.aidata.io
1 KB
2 audrte.com
a.audrte.com
2 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 id5-sync.com
id5-sync.com
3 KB
2 sonobi.com
sync.go.sonobi.com
1 KB
2 dyntrk.com
gu.dyntrk.com
850 B
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 adhigh.net
px.adhigh.net
823 B
2 indexww.com
js-sec.indexww.com
2 KB
2 everesttech.net
sync-tm.everesttech.net Failed
742 B
2 quantserve.com
pixel.quantserve.com
cms.quantserve.com
752 B
2 de17a.com
d5p.de17a.com
637 B
2 springserve.com
vpaid.springserve.com
vid-io-cle.springserve.com
87 KB
2 smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
2 KB
2 4dex.io
script.4dex.io
22 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 facebook.net
connect.facebook.net
77 KB
2 spotxchange.com
search.spotxchange.com
2 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 deployads.com
c.deployads.com
569 B
2 krushmedia.com
cs.krushmedia.com
1 KB
2 admedo.com
pool.admedo.com
718 B
2 tapad.com
pixel.tapad.com
951 B
2 yandex.ru
mc.yandex.ru
65 KB
1 sniperlog.ru
sync3.sniperlog.ru
260 B
1 splicky.com
bidswitch-eu.splicky.com
221 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 zeotap.com
mwzeom.zeotap.com
454 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 bttrack.com
bttrack.com
380 B
1 demdex.net
dpm.demdex.net
1 advangelists.com
nep.advangelists.com
232 B
1 crwdcntrl.net
bcp.crwdcntrl.net
264 B
1 sharethrough.com
match.sharethrough.com
240 B
1 adotmob.com
sync.adotmob.com
689 B
1 contextweb.com
bh.contextweb.com
393 B
1 rlcdn.com
idsync.rlcdn.com
66 B
1 adentifi.com
rtb.adentifi.com
88 B
1 simpli.fi
um.simpli.fi
611 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 facebook.com
www.facebook.com
313 B
1 googletagmanager.com
www.googletagmanager.com
40 KB
1 adhaven.com
nxd.adhaven.com
244 B
1 stackadapt.com
sync.srv.stackadapt.com
595 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
481 B
1 exelator.com
loadm.exelator.com
605 B
1 adsafeprotected.com
static.adsafeprotected.com
259 B
1 esputnik.com
esputnik.com
11 KB
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 onaudience.com Failed
pixel.onaudience.com Failed
289 90
Domain Requested by
22 t.lkqd.net ad.lkqd.net
19 cs.lkqd.net 10 redirects ad.lkqd.net
19 d16vsmxl4d5tw1.cloudfront.net ask.fm
18 ads.stickyadstv.com 4 redirects ask.fm
ad.lkqd.net
vpaid.springserve.com
cdn.stickyadstv.com
15 ib.adnxs.com 4 redirects get.optad360.io
vpaid.springserve.com
acdn.adnxs.com
14 cm.g.doubleclick.net 7 redirects ad.lkqd.net
ask.fm
ssum-sec.casalemedia.com
sync.quantumdex.io
11 x.bidswitch.net 11 redirects
10 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
8 simage2.pubmatic.com ads.pubmatic.com
8 ads.betweendigital.com 1 redirects get.optad360.io
ads.betweendigital.com
8 ad.lkqd.net ask.fm
ad.lkqd.net
8 mc.yandex.com 2 redirects ask.fm
mc.yandex.ru
7 image2.pubmatic.com 1 redirects ads.pubmatic.com
7 ups.analytics.yahoo.com 4 redirects ssum-sec.casalemedia.com
7 v.lkqd.net ad.lkqd.net
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 sync.bumlam.com 5 redirects
6 serving.stat-rock.com get.optad360.io
6 prebid.a-mo.net get.optad360.io
6 adx.adform.net ad.lkqd.net
get.optad360.io
6 dbq8hrmshvuto.cloudfront.net ask.fm
6 d3r6ceqp4shltl.cloudfront.net ask.fm
d3r6ceqp4shltl.cloudfront.net
5 c1.adform.net 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 onetag-sys.com get.optad360.io
sync.quantumdex.io
cache.betweendigital.com
5 ads.adaptv.advertising.com 4 redirects vpaid.springserve.com
4 ap.lijit.com 4 redirects
4 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
4 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
4 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
sync.quantumdex.io
4 pixel.advertising.com 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 match.prod.bidr.io 4 redirects
4 ad.turn.com 4 redirects
4 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
3 sync.mathtag.com 3 redirects
3 vidoomy-d.openx.net 1 redirects ad.lkqd.net
3 event.clientgear.com 1 redirects ad.lkqd.net
3 sync.1rx.io 3 redirects
3 sb.scorecardresearch.com 1 redirects ask.fm
3 a.vidoomy.com ask.fm
3 pixel-sync.sitescout.com 3 redirects
3 colossalcoat.com ask.fm
colossalcoat.com
3 ask.fm serving.stat-rock.com
2 www.tns-counter.ru 1 redirects
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 x01.aidata.io 2 redirects
2 ads-eu.v.ssp.yahoo.com
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 id5-sync.com 1 redirects sync.quantumdex.io
2 sync.go.sonobi.com sync.quantumdex.io
2 gu.dyntrk.com 2 redirects
2 sync3.adsniper.ru 2 redirects
2 px.adhigh.net 2 redirects
2 sync-eu.connectad.io cdn.connectad.io
2 ssum-sec.casalemedia.com js-sec.indexww.com
sync.quantumdex.io
2 ssum.casalemedia.com 2 redirects
2 js-sec.indexww.com get.optad360.io
ssum-sec.casalemedia.com
2 acdn.adnxs.com get.optad360.io
2 sync-tm.everesttech.net
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 vpaid.pubmatic.com vpaid.springserve.com
blank
2 script.4dex.io get.optad360.io
script.4dex.io
2 gum.criteo.com get.optad360.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 get.optad360.io d3r6ceqp4shltl.cloudfront.net
get.optad360.io
2 connect.facebook.net d3r6ceqp4shltl.cloudfront.net
connect.facebook.net
2 search.spotxchange.com ad.lkqd.net
2 p.rfihub.com ad.lkqd.net
2 c.deployads.com ad.lkqd.net
2 cs.krushmedia.com 2 redirects
2 pool.admedo.com 2 redirects
2 pixel.tapad.com 2 redirects
2 mc.yandex.ru 1 redirects d3r6ceqp4shltl.cloudfront.net
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 sync3.sniperlog.ru 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 bcp.crwdcntrl.net ssum-sec.casalemedia.com
1 secure.adnxs.com ssum-sec.casalemedia.com
1 ms.quantumdex.io 1 redirects
1 match.sharethrough.com 1 redirects
1 sync.adotmob.com 1 redirects
1 bh.contextweb.com 1 redirects
1 idsync.rlcdn.com ad.lkqd.net
1 rtb.adentifi.com ad.lkqd.net
1 cms.quantserve.com ad.lkqd.net
1 cache.betweendigital.com ads.betweendigital.com
1 cdn.connectad.io get.optad360.io
1 vid-io-cle.springserve.com vpaid.springserve.com
1 aktrack.pubmatic.com
1 vid.pubmatic.com vpaid.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 vpaid.springserve.com ad.lkqd.net
1 i.connectad.io get.optad360.io
1 useast.quantumdex.io get.optad360.io
1 prg.smartadserver.com get.optad360.io
1 htlb.casalemedia.com get.optad360.io
1 cdn.jsdelivr.net get.optad360.io
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com
1 cmp.optad360.io d3r6ceqp4shltl.cloudfront.net
1 www.googletagmanager.com d3r6ceqp4shltl.cloudfront.net
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 nxd.adhaven.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 loadm.exelator.com 1 redirects
1 static.adsafeprotected.com ask.fm
1 esputnik.com ask.fm
1 ads.vidoomy.com ask.fm
0 sync.ipredictive.com Failed
0 pixel.onaudience.com Failed ads.pubmatic.com
289 128

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com
Subject Issuer Validity Valid
*.ask.fm
AlphaSSL CA - SHA256 - G2		 2021-09-15 -
2022-10-17		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
colossalcoat.com
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
*.esputnik.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-28 -
2021-11-27		 2 years crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
ad.lkqd.net
R3		 2021-07-25 -
2021-10-23		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.clientgear.com
Go Daddy Secure Certificate Authority - G2		 2020-12-24 -
2022-01-25		 a year crt.sh
*.deployads.com
Amazon		 2021-06-04 -
2022-07-03		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.springserve.com
Amazon		 2021-04-30 -
2022-05-29		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
serving.stat-rock.com
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-08 -
2022-02-05		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.bumlam.com
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2020-11-10 -
2021-12-12		 a year crt.sh

This page contains 42 frames:

Primary Page: https://ask.fm/dimpleleaf174
Frame ID: 597BD658C07E816A0669C56F3C68F4D5
Requests: 121 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: BD69CE3830069EC460344671EEA10D53
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 0F9E3C6F144B7E9D5386544FF62FFEF1
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553
Frame ID: DF080C0DC9F2EAB8A1598DA36FABCD91
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D313A027A24383B2A016AFF0BD5AA4A2
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D03503445BB10EE25C6BC0D9FC0C6EFA
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 23ABC38C2B775073ECEAACF1601689FD
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 52AE128B43071DBD0AAD235D151B29E1
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: EDB236581EF288FD7A93BB88B865A40A
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 91A581D7D9D1AD1339CB2E618E92E12A
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2B0852BE8820106A98EEF8DFC0BE7AFA
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Frame ID: 9B7D15F7DF8200546AB6E79AB6AADB83
Requests: 9 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&schain=1.0,1!vidoomy.com,54345,1,1632589984275,,
Frame ID: D206D0959D79F56D8D9881AF7DBF34A1
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 98DFECF8B46E909BEF0F261BDF506E27
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D99664AA-4F47-4114-BAAE-E70B620016F6
Frame ID: C38DBB471183F28EDB7899303CB51282
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1518085779537032752
Frame ID: E43E7A93AAC5568F710A99637273A4FF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 134712A41739CFCBE2AB8F6EDB5F34BE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: D127FC90A0C262A5C0CD5ED552E5DB85
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1632589987743
Frame ID: A3DAC51ADCF0D03FB0F65A40CD0D8BAE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5C8139237A1A83F060C4754EB7C46FD5
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1632589984841
Frame ID: DF2C2B6F55D9E19B326D6B4F233B80A6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: CE202298718E74C5898FA2C6D7386A6D
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: BDBEC794A1F74C8FACF19185BE1A4E77
Requests: 5 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: E0C042772C9E537F720D368816FFDD8D
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1038483BEA9BD89666B0A9B87E1DE751
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 86BCBE1AF99CEE5C786E40B816AD9D8F
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 98B5C498D1DAB93917D7BB077E04A16A
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 729806C5167D31632FD51F6E8D5C566A
Requests: 10 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F75CE94357E6BCF94EE24557596655D7
Requests: 6 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 7813BCBD3E8E0409050BBF55F617A916
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=c37676ff-beca-530c-89de-a8a6e891f007&CACHEBUSTER=182228
Frame ID: 2C3E294AB41DF60A15853F872CB9780F
Requests: 5 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 37008B7A52E2ACE76844D4180BEB2026
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 6E919486508CC4F6CCF67EE7BA284C4A
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 3763D99C88917F7A18802E03407B2EB1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 22C58784772E5180F542ED3349461EB9
Requests: 14 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 7C7BD078DCB9410D03CDC14BF023AE64
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011920606247319691
Frame ID: D7E70D12D9323328FA4BE23428DA003F
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJTgk7CnrEAADbPlSHbHg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: C4BF8CF8AD0CA30A29DB46689BF20240
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=D99664AA-4F47-4114-BAAE-E70B620016F6
Frame ID: 728B4BD689A9B2F79BA5F38D402CE8CA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: E9A322286BB3E6A2028C07FFBEB07EDC
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F5FB1B9C6925688154F88A9C63611592
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: FFF2A18FA770268714E872FDB4386E7C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Account Suspended - Ask.fm

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

289
Requests

98 %
HTTPS

0 %
IPv6

90
Domains

128
Subdomains

83
IPs

14
Countries

2481 kB
Transfer

5465 kB
Size

182
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9407.Y7ToBPdneKX19SzBQYGqzLhRqzAuOtAvojXkK2oTN3YVK9rgjnF8wnYP-SRDrMaN.j2E7nDCX2aQKoKHCqblsBQQm5Jk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9407.1ej8TCR1I7ow3r-cB_U6dcPdadM5l7Ec1ipKSpeb7T6Te9IP53tbZ0Ds7RuMW6CR-q2LkeOJ6UdesJfjxHBoqQ%2C%2C.zsZIzaQCWTy1ipMUUoTlWUJgM90%2C
Request Chain 38
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A592%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1362935389004%3Ahid%3A690348642%3Az%3A0%3Ai%3A20210925171303%3Aet%3A1632589983%3Ac%3A1%3Arn%3A694969706%3Arqn%3A1%3Au%3A1632589983784394973%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632589982578%3Ads%3A0%2C303%2C147%2C100%2C0%2C0%2C%2C148%2C5%2C%2C%2C%2C602%3Adsn%3A1%2C302%2C147%2C100%2C0%2C0%2C%2C51%2C6%2C%2C%2C%2C602%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632589983%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A592%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1362935389004%3Ahid%3A690348642%3Az%3A0%3Ai%3A20210925171303%3Aet%3A1632589983%3Ac%3A1%3Arn%3A694969706%3Arqn%3A1%3Au%3A1632589983784394973%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632589982578%3Ads%3A0%2C303%2C147%2C100%2C0%2C0%2C%2C148%2C5%2C%2C%2C%2C602%3Adsn%3A1%2C302%2C147%2C100%2C0%2C0%2C%2C51%2C6%2C%2C%2C%2C602%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632589983%3At%3AAccount%20Suspended%20-%20Ask.fm
Request Chain 41
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Df21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253Df21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Df21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Df21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553
Request Chain 42
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=897688&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632589983 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=897688&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632589983
Request Chain 43
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=477388954.516702061776682537.5950449 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=477388954.516702061776682537.5950449 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=89dc79c7-90a1-4ae7-969f-c85fa43b5b52 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=89dc79c7-90a1-4ae7-969f-c85fa43b5b52 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6344ec75-1c56-4788-8567-344c623af1d1&user_group=1&ssp=vidoomy&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Request Chain 44
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2132261504 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2132261504 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/55b3b496-f579-440a-904c-cb231f86d3bc HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003
Request Chain 50
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=QjhuMHBUT3hXcm8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=QjhuMHBUT3hXcm8&google_tc=
Request Chain 51
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=iEPG6ZyxYDg
Request Chain 52
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=xd4LHD43_vo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=8128ae9c-5111-408d-9026-95df7974a732
Request Chain 53
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=9_DRYUd2rAc
Request Chain 54
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4478057778296896944
Request Chain 55
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=OHJkby0tNW1HbkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=OHJkby0tNW1HbkE&google_tc=
Request Chain 56
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=tD7yckwaGac
Request Chain 57
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=OfEVR28IWIM&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7568e9fe-38c9-4143-8cc1-df8bd7ca4206
Request Chain 58
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=FdfmZyOpPOE
Request Chain 59
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4550115372334824880
Request Chain 67
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=AjWmp0epTDRp_YgNDP0agdiDckk
Request Chain 68
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_083d9508-1a0d-46dd-b5b7-6e402c26ca75
Request Chain 70
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
  • https://a.tribalfusion.com/i.match?p=b30&u=_M04G1iHkbc&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=_M04G1iHkbc&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662308853187965
Request Chain 71
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAJTgk7CnrEAADbPlSHbHg
Request Chain 77
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 80
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=163799699&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5?gdpr=0&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-F10BoFpE2p6aclac0QVvHUPAscXsS_7oHekg~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-F10BoFpE2p6aclac0QVvHUPAscXsS_7oHekg~A&_origin=0&nsync=1&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
Request Chain 85
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=732147395&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VAd81f3d6e-1e23-11ec-b296-068489b665ff?gdpr=0&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-6qVUILZE2p6H6DeFh_vhbJsDZI_..Sd3EvbK~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-6qVUILZE2p6H6DeFh_vhbJsDZI_..Sd3EvbK~A&_origin=0&nsync=1&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
Request Chain 86
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,,
Request Chain 129
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D99664AA-4F47-4114-BAAE-E70B620016F6 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D99664AA-4F47-4114-BAAE-E70B620016F6
Request Chain 130
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1518085779537032752
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2ZZkqk9HQRS6rucLYgAW9g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 133
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9f1614f-58a1-4400-b875-4972f5d298e1
Request Chain 134
  • https://pixel.onaudience.com/?partner=214&mapped=D99664AA-4F47-4114-BAAE-E70B620016F6 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f3f0d732b0050e1fe8041a07f4420091
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDk5NjY0QUEtNEY0Ny00MTE0LUJBQUUtRTcwQjYyMDAxNkY2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15
Request Chain 138
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=55b3b496-f579-440a-904c-cb231f86d3bc
Request Chain 139
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=368486660504022358
Request Chain 140
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=0&gdpr_consent=
Request Chain 141
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1866752352706313644&gdpr=0&gdpr_consent=
Request Chain 142
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w
Request Chain 154
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=74bfb593c4a7cc6fb688565758ed73b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g015_7011920601942695000 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=15&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=55b3b496-f579-440a-904c-cb231f86d3bc HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/74bfb593c4a7cc6fb688565758ed73b&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-olKPHKpE2oP_ql61nxOhdoVwxzJFMeIG4BPlcIji~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1866752352706313644 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAJTgk7CnrEAADbPlSHbHg&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8284600391802137550 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=UXhVP50d1MubeA5 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
Request Chain 157
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=
Request Chain 158
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74bfb593c4a7cc6fb688565758ed73b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 179
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=appnexus&uid=1866752352706313644
Request Chain 181
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=pubmatic&uid=D99664AA-4F47-4114-BAAE-E70B620016F6
Request Chain 182
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=7aad1080-f1f2-48c4-a69f-25c9683790df HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=7aad1080-f1f2-48c4-a69f-25c9683790df&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5 HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5&gdpr=0&gdpr_consent=
Request Chain 183
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=sovrn&uid=3cb4b388af008b1e3c1679e3
Request Chain 184
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=index_rtb&uid=YU9YpIvEk4ZlqQwmE-kNwgAA%261104
Request Chain 193
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c37676ff-beca-530c-89de-a8a6e891f007&ssp=between&expires=30&user_group=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Request Chain 194
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uM5CpJZ75d6m.AikABlF8HfJCpQ
Request Chain 195
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=3cb4b388af008b1e3c1679e3
Request Chain 196
  • https://sync.bumlam.com/?src=bw1&uid=c37676ff-beca-530c-89de-a8a6e891f007 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiksb2KBlIFvp7KygpiJGMzNzY3NmZmLWJlY2EtNTMwYy04OWRlLWE4YTZlODkxZjAwNw** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiksb2KBlIFvp7KygpiJGMzNzY3NmZmLWJlY2EtNTMwYy04OWRlLWE4YTZlODkxZjAwN6IBENrK6koeIxHspukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABiksb2KBmIkYzM3Njc2ZmYtYmVjYS01MzBjLTg5ZGUtYThhNmU4OTFmMDA3ogEQ2srqSh4jEeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARiksb2KBmIkYzM3Njc2ZmYtYmVjYS01MzBjLTg5ZGUtYThhNmU4OTFmMDA3ogEQ2srqSh4jEeym6QAlkMgkNw** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=dacaea4a-1e23-11ec-a6e9-002590c82437
Request Chain 201
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://idsync.rlcdn.com/464986.gif?partner_uid=FdfmZyOpPOE
Request Chain 202
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=O9K7oVeklgg5&ev=1&pid=561322
Request Chain 205
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU9YpIvEk4ZlqQwmE-kNwgAA
Request Chain 206
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB&dcc=t
Request Chain 209
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=1&gdpr_consent=
Request Chain 210
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c0220407d4428ba6c6ea9a&expiration=[EXPIRATION]&gdpr=1
Request Chain 212
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 215
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1866752352706313644
Request Chain 216
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gmvdP49E2uE0sucQEQAhFVLcklrWRsUcT9rRUeQ-~A
Request Chain 217
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003&rndcb=3036468328 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52&google_hm=ODlkYzc5YzctOTBhMS00YWU3LTk2OWYtYzg1ZmE0M2I1YjUy
Request Chain 218
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
Request Chain 219
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 220
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8d8899d3-ef1c-4916-ad6b-cf121f740e63
Request Chain 221
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=21b813cb-0f6f-4612-b7e1-03f8bde89cbd
Request Chain 222
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1866752352706313644
Request Chain 223
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3cb4b388af008b1e3c1679e3
Request Chain 237
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4550115372334824880
Request Chain 239
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8996f02a-9307-4d1a-b164-45ffc2d8afe8
Request Chain 243
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011920606247319691
Request Chain 244
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKVGdrN0NuckVBQURiUGxTSGJIZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJTgk7CnrEAADbPlSHbHg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 246
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D99664AA-4F47-4114-BAAE-E70B620016F6&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D99664AA-4F47-4114-BAAE-E70B620016F6&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D99664AA-4F47-4114-BAAE-E70B620016F6&addseg=10,33,39
Request Chain 247
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D99664AA-4F47-4114-BAAE-E70B620016F6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D99664AA-4F47-4114-BAAE-E70B620016F6&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 249
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D99664AA-4F47-4114-BAAE-E70B620016F6 HTTP 302
  • https://a.audrte.com/p
Request Chain 250
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D99664AA-4F47-4114-BAAE-E70B620016F6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.TnqWsVE2uUuBVBL6gPhyu_Mdlr_08I-~A&gdpr=0&gdpr_consent=
Request Chain 252
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=89dc79c7-90a1-4ae7-969f-c85fa43b5b52 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk443a738d-1ad1-422e-a79a-39b221135c2d&expires=7&user_group=5&ssp=pubmatic&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=89dc79c7-90a1-4ae7-969f-c85fa43b5b52&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 254
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YU9YpAAAAma1QAA6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YU9YpAAAAma1QAA6&gdpr=0&gdpr_consent=&_test=YU9YpAAAAma1QAA6
Request Chain 255
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4550115372334824880&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 256
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&gdpr=0&gdpr_consent=
Request Chain 257
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e8166378-8448-4f2d-9281-67e6a837ec4e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 258
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=89dc79c7-90a1-4ae7-969f-c85fa43b5b52 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Request Chain 263
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=978240434&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=978240434&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=d37006ff-0c1f-4d6e-bb7b-a30d0e77164a&a.is_yahoo=3&redirect_y=dHM9MTYzMjU4OTk4ODY2MC42OTY3Nzc6dXVpZD0iNzAyNDI4MjEyODIwNzcyMTE1Ml9fVElNRV9fMjAyMS0wOS0yNSsxMCUzQTEzJTNBMDQiOmFwaWQ9VkFkODFlYjA1Zi0xZTIzLTExZWMtYTE0ZS0wMmI5MGMyN2IxZTU6cmVxdWVzdF9pZD1kMzcwMDZmZi0wYzFmLTRkNmUtYmI3Yi1hMzBkMGU3NzE2NGE=
Request Chain 268
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=321486151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=321486151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=d894cbe4-d21c-4f2a-a72f-c3c578569c12&a.is_yahoo=3&redirect_y=dHM9MTYzMjU4OTk4NzkxOS40MTUyODM6dXVpZD0iNzAyNDI4MjEyODIwNzcyMTE1Ml9fVElNRV9fMjAyMS0wOS0yNSsxMCUzQTEzJTNBMDQiOmFwaWQ9VkFkODFlYjA1Zi0xZTIzLTExZWMtYTE0ZS0wMmI5MGMyN2IxZTU6cmVxdWVzdF9pZD1kODk0Y2JlNC1kMjFjLTRmMmEtYTcyZi1jM2M1Nzg1NjljMTI=
Request Chain 269
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=dacaea4a-1e23-11ec-a6e9-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=dacaea4a-1e23-11ec-a6e9-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=hz3GvpdAk1NuoXGyK4k48g& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=hz3GvpdAk1NuoXGyK4k48g&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=hz3GvpdAk1NuoXGyK4k48g&extra2=aidata&google_error=15 HTTP 301
  • https://sync.bumlam.com/?src=ggl&extra1=hz3GvpdAk1NuoXGyK4k48g&extra2=aidata&google_error=15
Request Chain 270
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 277
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YU9YpAAAAma1QAA6&gdpr=0&gdpr_consent=null HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=4550115372334824880 HTTP 302
  • https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=06c0220407d4428ba6c6ea9a&gdpr=0&gdprConsent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=15&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5599088&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent=
Request Chain 280
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=
Request Chain 281
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=74bfb593c4a7cc6fb688565758ed73b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 288
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/182228 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/182228
Request Chain 291
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c37676ff-beca-530c-89de-a8a6e891f007&expires=60 HTTP 302
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=89dc79c7-90a1-4ae7-969f-c85fa43b5b52

289 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set dimpleleaf174
ask.fm/ 		13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ask.fm/dimpleleaf174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.144 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
d82666f848091c41f833bd9697431fec9583909027d27f5d69306654db1461d4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ask.fm
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Status
410 Gone
Cache-Control
no-cache
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Date
Sat, 25 Sep 2021 17:13:02 GMT
Set-Cookie
locale=de; path=/; expires=Sun, 25 Sep 2022 23:13:02 GMT uuid=f70b640c-d4b3-4314-885e-4324846407d7; path=/; expires=Sun, 25 Sep 2022 23:13:02 GMT; secure; HttpOnly country=DE; path=/; expires=Sun, 25 Sep 2022 23:13:02 GMT _m_ask_fm_session=NEI4K3kwRnkxUi9NK2MxSWo4Z25UazArME1aZHQyR0gzWDVGeDljTHU1N2NKWERzUTcrSVhpY2R1YlJwbE12ajBQUFozbkxSSE5mbXJ0cHhrNGZuZVBSR0RObzF2RTR4NW1LNmhhcXN3dkxTOUJFM0xaVEhHd0lvTURZejM5VURWOFZ5TXRKeUkwSmdZaUdDazMwTS9acWg5cW1pSHhPcDI5SzNzTHMzUDNjdUNUSlRNQjZ6SWdOK3VpTzk3N0FhMCs1bUhGdzhQQ09nODB2MW1CVWxVNlRIaDZOTklsVm13RWxCdHBWZiswb29VWWpXazl4cjBtWTN2dTQzQUpaYi0tRU1CMmZjekE4cHFjb2xUVnAvVWthQT09--a77082c7008bd1471ec43ba576b2c5e3a49f1c95; path=/; expires=Tue, 28 Sep 2021 17:13:02 GMT; secure; HttpOnly
Server
Ask.FM Web Service
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
d3r6ceqp4shltl.cloudfront.net/assets/ 		205 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-57.fra50.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
f35eb63af5172e2882f9880d0668b3517869ae1dcf15cec3b5b4ebd506ffb544
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:00:24 GMT
content-encoding
gzip
vary
Accept-Encoding
age
461559
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Mon, 20 Sep 2021 08:56:03 GMT
server
Ask.FM Web Service
etag
W/"61484ca3-33492"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
cedgDoSm0IwlSKj_vZK8BrVDeIqnxLaiISPq945aWCKtmV7rKuBzYQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
d3r6ceqp4shltl.cloudfront.net/assets/ 		216 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-57.fra50.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
68bbd771eecb76f98639a65674facba6df78abad6550a712aff0d30fefe11c71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:00:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
461560
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Mon, 20 Sep 2021 08:56:04 GMT
server
Ask.FM Web Service
etag
W/"61484ca4-35fe0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GvHOwbRgcLNTFGOiVVoUVfvP_4TrtTPaD0FFK_W3DSETaSLWdQgGHg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
askfm_4249.js
ads.vidoomy.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/askfm_4249.js
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
fc35b6a76bb702a8e0aa388cf7382965c14420dbe7399dbddab0941b33c4eb82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:03 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5938
account-suspended.gif
d3r6ceqp4shltl.cloudfront.net/images/errors/ 		380 KB
380 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-57.fra50.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 15:38:28 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
age
3288875
x-cache
Hit from cloudfront
content-length
388641
last-modified
Wed, 18 Aug 2021 12:19:47 GMT
server
Ask.FM Web Service
etag
"611cfae3-5ee21"
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
max-age=315360000, public
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
FLUPmqTl65fV5HheUIlJeyVkIxDOd21ylcLzIM6UNmeI1QCs67gxAw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
colossalcoat.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
10f3c8534fa774caffa3cb82d97cc822c03a1a9f1cf5ff33b42dbaec87e5485d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"7796c0b3069549379f0bb7e2e12b057a0e4c4c779190a66b7178ee145e3c6d43"
vary
Accept-Encoding, Accept-Language
x-hostname
e47ab626
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sat, 25 Sep 2021 17:13:03 GMT
timing-allow-origin
*
scripts
esputnik.com/scripts/v1/public/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWFlYmU1M2QxYjUyMDE3MzM0OWZhOTIxZGExMGU3OWRmYzEwMDRmMjJhOGU1MzE1ZmJlYTIyZTBhMDMzY2FhODU3ZDgzNTY1MGFhYTM0NjEwNjUzNGMxZTcyMjRhOTU2ODVlYmQ0N2JkZDhlYjZkNmIyMDc0NWFhNDY3YjIyMWI0ODI0NTE2MGY4ZmU1OTY5MDU3In0.G6LVcfCiI7Js2CYtqG0BsrNJdgaviLhvqlodAVkkBkzVwQmSlSOsrIkTvP_QNoXGzaogwOdqcjtaXPMKvwWD0A&domain=1152F29B-9126-4F22-869C-ECC03B33FB2B
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.134.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-134-133.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0df33bbf056c61ab7c3c2d0bbfe612a27d73899ff4e9379a65592d3894209531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Sat, 25 Sep 2021 17:18:03 GMT
tag.js
mc.yandex.ru/metrika/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
br
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Sat, 25 Sep 2021 18:13:03 GMT
35773.jpg
d16vsmxl4d5tw1.cloudfront.net/22b/30bb4/f43d/47ad/8635/f38fc24bd3da/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/22b/30bb4/f43d/47ad/8635/f38fc24bd3da/thumb/35773.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
445d4a7744f802bf1d563fe6e8be791375da23d50a6e69815fbe54f22b0320de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:07:00 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Wed, 26 Sep 2018 13:37:03 GMT
server
AmazonS3
age
364
etag
"3f7cf5f21a73629da3c946953e7b85b0"
x-edge-origin-shield-skipped
0
x-amz-version-id
za5SJVDHuCbikEY_FHPjGz7x_SQEfdLD
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3807
x-amz-cf-id
_LqMqP9ykfrLuETEkKWdEYclTvX53vr2o35moOvUdUV4BiQniX42Ng==
48084.jpg
dbq8hrmshvuto.cloudfront.net/d27/c3c84/e0f2/4d12/926b/b847a38dcfc9/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/d27/c3c84/e0f2/4d12/926b/b847a38dcfc9/thumb/48084.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-165.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
641ea53674cdccf36fc3f7a90a5756ba9ade81aa05f73f6544682e090176cd55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 07:19:59 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jan 2020 08:16:53 GMT
server
AmazonS3
age
35585
etag
"a8cb64f70879665031f3860cf129c9e1"
x-edge-origin-shield-skipped
0
x-amz-version-id
HH.AGKhOSCv2UWlE8QzxzH3O57IyKb0C
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
4302
x-amz-cf-id
hj4zAMg0Rpl-DeihFlIbjM5rtStfJTpMHhvmEYTUrAc5UHiyEywIpQ==
190043.jpg
d16vsmxl4d5tw1.cloudfront.net/5a4/b43f6/b0c6/413c/b428/acb243338d5a/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/5a4/b43f6/b0c6/413c/b428/acb243338d5a/thumb/190043.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6115ecfeca892ffef4dab2e54d40f4d840c008b65d43ef257a0184f9a4573e38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:55:41 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jul 2018 05:55:16 GMT
server
AmazonS3
age
1043
etag
"042f14b30b6aba87064da8383a55987b"
x-edge-origin-shield-skipped
0
x-amz-version-id
uCe4Am52KVinvlBLqNMWTa5RfEZhLdk7
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2038
x-amz-cf-id
vQ_guSkwqPiFdPVdC-peT_1jG0FjUm_DmqPFYd4stBlSb1AVY14Qfg==
34748.jpg
d16vsmxl4d5tw1.cloudfront.net/d7e/170e5/4af7/469c/ba6d/38f3b722579e/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/d7e/170e5/4af7/469c/ba6d/38f3b722579e/thumb/34748.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc74086fac0cf6f439243db9950cc8f1404a1b70e7722af16075864b1592db77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 19:48:57 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"54b6cc50c6c2a4d46ff37e0347256955"
x-cache
Miss from cloudfront
x-amz-version-id
r9jBigM2Pw_ezUU8C5kacVuKSqPgnhLM
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
1855
x-amz-cf-id
24TmjMitSUNJUC_MKUxfch_O87yX8XWujfbA_dpmFPdFk_wmTCqJOg==
164980.jpg
d16vsmxl4d5tw1.cloudfront.net/812/ccc5a/cbf8/42a2/9740/138a6db0727d/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/812/ccc5a/cbf8/42a2/9740/138a6db0727d/thumb/164980.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c29bd940605257a5f5e6b8384831bb5affd018a2ec1665e10a687ad51c5669fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Thu, 27 Sep 2018 10:42:50 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"0ab7a6bfa93e72fd2c8d3087d0b2505e"
x-cache
Miss from cloudfront
x-amz-version-id
vf2cgzTQq0QUK.pcldXsPsFvCzEJQUdW
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
1724
x-amz-cf-id
DgS-woAN7PkBdmU_wYzQ_dOBEyU_arQxi3o2tMX1oOLqAZk8nJuQNw==
1488633.jpg
d16vsmxl4d5tw1.cloudfront.net/2e8/a1dcd/97aa/4e82/9e2a/3f77668bf377/thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/2e8/a1dcd/97aa/4e82/9e2a/3f77668bf377/thumb/1488633.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58327b25b09d7009b99da85bdc1852039781d9ca7c94358309083bb4c53900d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:54:55 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Sun, 30 Dec 2018 19:41:10 GMT
server
AmazonS3
age
1089
etag
"d2c078dce39fce2f04739d386f5e6b0e"
x-edge-origin-shield-skipped
0
x-amz-version-id
eHn7zG.Htd0nzZL7EiHjZ9_CxpGPpuhh
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3294
x-amz-cf-id
QuKSai9ZwSsyODDcooq9y_YFSa_BeCd4B8AdSfkMvVwYLiCgGxdOUw==
fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-57.fra50.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
age
1312734
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
17880
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-45d8"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
gjodF1Ar5q-_uiCgJyh-k5sY5HIjw-aHRrfOa77KBd61XR0r539iPw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-57.fra50.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
age
1312734
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
25400
last-modified
Fri, 10 Sep 2021 12:31:22 GMT
server
Ask.FM Web Service
etag
"613b501a-6338"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
2UpFyVtV66EixESeMEq3FgscfAnpA4VGv75E0YFpjG6GCaimjrnlkA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-57.fra50.r.cloudfront.net
Software
Ask.FM Web Service /
Resource Hash
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
age
1312734
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
52204
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-cbec"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
sODG6VbsHz-bLDfS4nmt9jcjzwsprFewakKzfH3c1aZQyJh9liZENg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
173198.jpg
d16vsmxl4d5tw1.cloudfront.net/81a/ca156/f56b/4419/8737/c442c8cdcb44/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/81a/ca156/f56b/4419/8737/c442c8cdcb44/thumb/173198.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99cb29b730d22aa7c59a9fbfbe46c8d187f8319a852e4dbfcc04bd89a0cd43d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:11:47 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Fri, 01 Jun 2018 14:27:04 GMT
server
AmazonS3
age
77
etag
"897eb8098cd4b1efe8004189ef027e8a"
x-edge-origin-shield-skipped
0
x-amz-version-id
ymf5LWkDtCqO3bl1gM2P9WhkeqR6_Afa
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
4132
x-amz-cf-id
Pq36p-kW9LWvMZayiVU2lLWWsTtmWE-wynDL0jhnTzOGAX-mdMM_0A==
651424.jpg
d16vsmxl4d5tw1.cloudfront.net/1f5/5a379/4286/46c0/8d5e/577c359481c2/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/1f5/5a379/4286/46c0/8d5e/577c359481c2/thumb/651424.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06483660f222ef21090d6268205b0e1722a78ddf48b44178a596cdd1e3db058f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:10:57 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Tue, 06 Nov 2018 07:33:34 GMT
server
AmazonS3
age
3727
etag
"245e711ea0c2e740e06da1552d1f197f"
x-edge-origin-shield-skipped
0
x-amz-version-id
0R2JffEF0qPn7TeKYXJgVL62d63FzqqB
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3609
x-amz-cf-id
_mTBuOtbo5QHOT7bXuaFYqgXNh41FdKuoHbCrVR3lbYke7qZnMGg7w==
22630.jpg
d16vsmxl4d5tw1.cloudfront.net/496/a948d/7472/4133/8a39/0313d76da81f/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/496/a948d/7472/4133/8a39/0313d76da81f/thumb/22630.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe944f0c391a7973c3f4e1a999ff5d5f7bc2a85dc97c5ef9598073ca4e4449f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 10:11:04 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Tue, 16 Apr 2019 16:23:01 GMT
server
AmazonS3
age
25320
etag
"5ec8abecd698a7a434fffb786da2640c"
x-edge-origin-shield-skipped
0
x-amz-version-id
qRy0hZre3_hBzO9OIyb50x.goJBkc4AI
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
1538
x-amz-cf-id
sK4xbm_lIqeWkXfGeXuL6w1joTfGWrtUsCyyTQnlMv3F4scS2OJ4HA==
399687.jpg
d16vsmxl4d5tw1.cloudfront.net/4d4/df447/70ba/476f/94a7/c792bde70ff4/thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/4d4/df447/70ba/476f/94a7/c792bde70ff4/thumb/399687.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4fee7a4e35dc68ef0339d5962e1af8cc483c2fdea70def97fb97a6cc075b5f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:36:42 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Tue, 08 Jan 2019 17:57:30 GMT
server
AmazonS3
age
2181
etag
"e8ae315d55652ee87a83d430492f94cd"
x-edge-origin-shield-skipped
0
x-amz-version-id
s65VgMy8yrjiQT8V90YynPHOrlqFkvOb
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3458
x-amz-cf-id
9UpGg1VJoD1Hxddm_Z9IyS9uBRpbkxJk9nf5gyapdMrOq7OXycYXSw==
291156.jpg
d16vsmxl4d5tw1.cloudfront.net/d96/18b24/45f9/4650/8935/051e7362514d/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/d96/18b24/45f9/4650/8935/051e7362514d/thumb/291156.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b52ca49948dd8e72f792b1d2e6576bef0a7eae1ee8d9ce09707cbadc24563e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 01:25:49 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Tue, 01 Jan 2019 20:00:26 GMT
server
AmazonS3
age
56835
etag
"429df5567f92df1f9273fecfa6e963f4"
x-edge-origin-shield-skipped
0
x-amz-version-id
uPkD8rl8NPJPViDkinMItJ_grZ_jPIfA
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2725
x-amz-cf-id
oLzGpd8fOdGzoAkvVm6xHbKb5-dYQIax4r8ouKTOdHc6vzmyE7oN2Q==
33684.jpg
d16vsmxl4d5tw1.cloudfront.net/fe2/94e48/9d12/4c34/9644/112a8fd1a1fb/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/fe2/94e48/9d12/4c34/9644/112a8fd1a1fb/thumb/33684.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
318bb84d6256390bea784862600a5e1d1f432d627c550edc599eeb46641d6e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:43:14 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Fri, 12 Apr 2019 07:40:27 GMT
server
AmazonS3
age
59390
etag
"27994da833b5574b8bc9018c9ce391dd"
x-edge-origin-shield-skipped
0
x-amz-version-id
Gr7HFpKgiJg_QiW_LdbehWPZCl9tvvnX
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
4334
x-amz-cf-id
qBQQ0WEAAaUXrRZlywuXYWYDE1fvqHVJoT_8S99uNqYlYUykIPRneg==
211014.jpg
d16vsmxl4d5tw1.cloudfront.net/4a3/bcad8/961e/4214/8666/3ccd38ae51be/thumb/ 		465 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/4a3/bcad8/961e/4214/8666/3ccd38ae51be/thumb/211014.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63b3a2f91e35bbb0b0d27dcf4c99fbc09e87ff92e52545c68a8b84d0c549301d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Mon, 29 Apr 2019 08:39:30 GMT
server
AmazonS3
x-edge-origin-shield-skipped
0
etag
"5722252e0ccd7ef9f33f07f3c78e1715"
x-cache
Miss from cloudfront
x-amz-version-id
2EKOvuSSKP5ewPlSXVY7P9L68V4GuQnS
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
465
x-amz-cf-id
EKuoX0pWD4Yf6EjLLgf8RC-HifhPBqV3P30fVmXYp5356LmrCn5PrA==
64906.jpg
dbq8hrmshvuto.cloudfront.net/d20/7bc53/f62f/4b8f/849c/ba1469d62ec9/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/d20/7bc53/f62f/4b8f/849c/ba1469d62ec9/thumb/64906.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-165.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc48ed93567fdd17b88530b500a6e8f04fc3060039be1f962c399e15c75c990c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 10:11:03 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Wed, 26 Feb 2020 10:31:52 GMT
server
AmazonS3
age
25320
etag
"aaf8ca758bd967290bcf5a6c0a98968b"
x-edge-origin-shield-skipped
0
x-amz-version-id
k6EswaRqCN_gwEYatrR1MHrIcuPnmnmy
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
4074
x-amz-cf-id
3RdH2zTxScSbqB3F_7nik05Nvr4dyJLEwPI0nC3OP8Inb9GMHvhw7Q==
652296.jpg
d16vsmxl4d5tw1.cloudfront.net/816/fd2bb/1849/4fc0/afba/613e9b8ba32e/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/816/fd2bb/1849/4fc0/afba/613e9b8ba32e/thumb/652296.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fb26debd1b0dc2ad4470e5ce5d13cf32333cc653b2c6ebcdfb707af465f52fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:53:27 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 06:20:53 GMT
server
AmazonS3
age
1177
etag
"6482d5b41839c9ce8fbb6426ae8f70b0"
x-edge-origin-shield-skipped
0
x-amz-version-id
GTAgWQQxNSTA_DI3rmHvBBmdxTv9p5TK
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2506
x-amz-cf-id
5BMaTSSfYgApew576zLLfFivw-Z3FwUiyOcWZULaKkHEyKvwjnvkgQ==
133542.png
dbq8hrmshvuto.cloudfront.net/001/6a9b9/314d/4812/9fca/a25d8d2f1c6c/thumb/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/001/6a9b9/314d/4812/9fca/a25d8d2f1c6c/thumb/133542.png
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-165.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b85deb1925e6bcf2ef7d26b0c9623f4079317315c7c17a6042473813b1b35663

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:13:48 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Sun, 23 Aug 2020 10:02:21 GMT
server
AmazonS3
age
3556
etag
"52f802fb018f4b8414b77df40b0dbc7d"
x-edge-origin-shield-skipped
0
x-amz-version-id
DZez.wMo96bdE7nCqpB8U4P0G282EYjG
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
content-length
15121
x-amz-cf-id
hol4uoUNM1Crg93lyLv9e0PDSCuk-vt7ML19pQaqT3Kg4WVCZyuVjw==
8444.jpg
dbq8hrmshvuto.cloudfront.net/2e5/80e35/0eee/43a4/98e0/517c52373547/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/2e5/80e35/0eee/43a4/98e0/517c52373547/thumb/8444.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-165.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b477b579664c48d0b2e4446db03763a18ab4c22ff01a0a4eeea5049f7ac94900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kUZRUbs6oZF_MWcxn_fDzj28bQhdnH05
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jan 2020 10:39:12 GMT
server
AmazonS3
age
365
etag
"142672a0002c03199795953a41c6514d"
x-edge-origin-shield-skipped
0
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Sat, 25 Sep 2021 17:06:59 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2290
x-amz-cf-id
WaICuWnwkZYGBPxXaqrBHmiw4pwv7YWMWUzlD-nzpcODub5rtWW7jg==
379750.jpg
d16vsmxl4d5tw1.cloudfront.net/e49/8f0ae/bd9e/4afe/a57b/41da1536a622/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/e49/8f0ae/bd9e/4afe/a57b/41da1536a622/thumb/379750.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b227f56a43511b6e86555660ea43ab1a46930545071c2e333f0465759ce63074

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 15:26:53 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Thu, 20 Dec 2018 21:12:09 GMT
server
AmazonS3
age
6370
etag
"9288128e81b4666fba2283a93e1c7c40"
x-edge-origin-shield-skipped
0
x-amz-version-id
xIJi0kvp2PJ5t405kUosEslf3dUwQd72
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2622
x-amz-cf-id
ysYFK55haYuHuOcXScLzNBrd_MiWxp8C2J9Bgk2iDG83BQv4puOr9w==
149698.jpg
dbq8hrmshvuto.cloudfront.net/c54/d223f/6cc0/4220/a1a1/d5c75b593f18/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/c54/d223f/6cc0/4220/a1a1/d5c75b593f18/thumb/149698.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-165.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a6a088ce88b703a49e8fb5f0d3096ce6f66491080477080d17f9727f9394268

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 04:55:23 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Sun, 12 Jul 2020 23:35:34 GMT
server
AmazonS3
age
44260
etag
"f6470de6eb45455bd7c1488d59cca8bd"
x-edge-origin-shield-skipped
0
x-amz-version-id
dMYwRB5c2ffegDjmHDAGW3qpvl4X5LLl
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2657
x-amz-cf-id
K54kUB24GlDSkimgpQY8EqSoOh3WrIwbtknEreFl93OL5BcabjCjnA==
319841.jpg
d16vsmxl4d5tw1.cloudfront.net/5e4/c791e/30bb/4d49/863c/afcc646c4e79/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/5e4/c791e/30bb/4d49/863c/afcc646c4e79/thumb/319841.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1accd948bfc40e8ec6a71d60ae55686814df618a225d665d892e2d5c459e4869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:54:11 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jun 2018 01:05:33 GMT
server
AmazonS3
age
1133
etag
"3d20577db9ac11016f251429fc66a066"
x-edge-origin-shield-skipped
0
x-amz-version-id
AQClFy1Mf7mvXj0F.m7y.jyLd4Xp9CRL
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2539
x-amz-cf-id
k-Fmahssqy8SP-kHFJ5rKjlawE-lUGAS2vFY_LWs7Aaa1uW9b2VmKA==
11134.jpg
d16vsmxl4d5tw1.cloudfront.net/4f1/be80c/8a26/4374/b90c/f2cdb9e6f678/thumb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/4f1/be80c/8a26/4374/b90c/f2cdb9e6f678/thumb/11134.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b4f605742ba56e6a2bbaab92fb08a0532d7d690dcfa9770b225fa4ac4b65a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:06:59 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Fri, 27 Dec 2019 14:03:44 GMT
server
AmazonS3
age
365
etag
"eb9f5863895921b96184bb270c1406a8"
x-edge-origin-shield-skipped
0
x-amz-version-id
2w6LwaVX4yauWo.SRZuZrwRpHwucTi4H
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2002
x-amz-cf-id
Os7ySNKiGWUsvXUtYhT4Kubz0UDouos-XBATtfK4L4c02L5PKQoSfw==
83735.jpg
d16vsmxl4d5tw1.cloudfront.net/954/69e01/70b1/433d/9ca1/3f8525591097/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/954/69e01/70b1/433d/9ca1/3f8525591097/thumb/83735.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d508bc23e69e65b2773b660dc0c1664f0e08097c2375af9a6b80ffe05fa296a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:59:45 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Fri, 07 Sep 2018 21:43:13 GMT
server
AmazonS3
age
799
etag
"3b12979fa1876941780a315913d3460a"
x-edge-origin-shield-skipped
0
x-amz-version-id
ADPxDau4WnuPAir.aPhdSr_ehBrNERd_
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2157
x-amz-cf-id
BsUrZnERP4QFVUEFYCKOZsgH1DiIhAn3bMzv1ytELtYtZMPss2-PCQ==
61893.jpg
dbq8hrmshvuto.cloudfront.net/4b4/4d0e8/02bf/4f58/8ff3/c09fa8b60525/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/4b4/4d0e8/02bf/4f58/8ff3/c09fa8b60525/thumb/61893.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-165.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cb7054f41df4688162c9d762db001850e8b66dc54666797e197478f6d9887bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:26:15 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 14:05:13 GMT
server
AmazonS3
age
60409
etag
"1a00e160c24eacdbf7eca784c3cb5c70"
x-edge-origin-shield-skipped
0
x-amz-version-id
dVLI6vymXa9jwYHZb7vBV_Pp1s04.Wun
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3998
x-amz-cf-id
GfzN2lGOANDo1O0SU9w8dZiQekn1wn3dM51qCUk0OUPJOChluYQ2kA==
264285.jpg
d16vsmxl4d5tw1.cloudfront.net/67d/22a0e/5200/4190/97c0/481349dee006/thumb/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/67d/22a0e/5200/4190/97c0/481349dee006/thumb/264285.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68e680e7fc29162479ceea99fd8ec1b384d534593b9ec4dc6c1101543dcc7e64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:17:23 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Sun, 30 Jun 2019 18:43:53 GMT
server
AmazonS3
age
3341
etag
"4306c81a17842408bb0f8685055d51ed"
x-edge-origin-shield-skipped
0
x-amz-version-id
UVXcs6ZSDPJwLPcRcqTCHrepgJOqYJtt
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3541
x-amz-cf-id
7ZBYuXghHuAtrdI2_MUpR6S-i4wlVU1w3XF7-i95EvwgexO_OoQy3A==
56078.png
d16vsmxl4d5tw1.cloudfront.net/918/bc37e/e39b/4ad0/a2c2/733f9c7348ca/thumb/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/918/bc37e/e39b/4ad0/a2c2/733f9c7348ca/thumb/56078.png
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-224.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50b369f49129738f9a30ccc0362c956ce4667f1f00460b6233b8a2fbcde3a1f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 04:56:34 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified
Sat, 04 May 2019 23:33:12 GMT
server
AmazonS3
age
44190
etag
"b93181b888c5d00c7afc70464582d1ca"
x-edge-origin-shield-skipped
0
x-amz-version-id
aG4Am24oB8Kxy8QEerpWHVygWbugDm7m
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
content-length
16781
x-amz-cf-id
WTupIs1R4FQbyNTcyfMFSax3LA3ecnREAygwWp8XAFEGJCffgvhg0w==
skeleton.gif
static.adsafeprotected.com/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.174.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-174-220.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
18557168
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9407.Y7ToBPdneKX19SzBQYGqzLhRqzAuOtAvojXkK2oTN3YVK9rgjnF8wnYP-SRDrMaN.j2E7nDCX2aQKoKHCqblsBQQm5Jk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9407.1ej8TCR1I7ow3r-cB_U6dcPdadM5l7Ec1ipKSpeb7T6Te9IP53tbZ0Ds7RuMW6CR-q2LkeOJ6UdesJfjxHBoqQ%2C%2C.zsZIzaQCWTy1ipMUUoTlWUJgM90%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9407.1ej8TCR1I7ow3r-cB_U6dcPdadM5l7Ec1ipKSpeb7T6Te9IP53tbZ0Ds7RuMW6CR-q2LkeOJ6UdesJfjxHBoqQ%2C%2C.zsZIzaQCWTy1ipMUUoTlWUJgM90%2C
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9407.1ej8TCR1I7ow3r-cB_U6dcPdadM5l7Ec1ipKSpeb7T6Te9IP53tbZ0Ds7RuMW6CR-q2LkeOJ6UdesJfjxHBoqQ%2C%2C.zsZIzaQCWTy1ipMUUoTlWUJgM90%2C
date
Sat, 25 Sep 2021 17:13:03 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 25 Sep 2021 18:13:03 GMT
1
mc.yandex.com/watch/48953915/
Redirect Chain
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A592%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A592%3Afu%3A0%3Aen%3Autf-8...
383 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A592%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1362935389004%3Ahid%3A690348642%3Az%3A0%3Ai%3A20210925171303%3Aet%3A1632589983%3Ac%3A1%3Arn%3A694969706%3Arqn%3A1%3Au%3A1632589983784394973%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632589982578%3Ads%3A0%2C303%2C147%2C100%2C0%2C0%2C%2C148%2C5%2C%2C%2C%2C602%3Adsn%3A1%2C302%2C147%2C100%2C0%2C0%2C%2C51%2C6%2C%2C%2C%2C602%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632589983%3At%3AAccount%20Suspended%20-%20Ask.fm
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
922c64eafab3446ab36a749ac1e93e8dcbd637161988107a58cab903ab752c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:03 GMT
x-content-type-options
nosniff
last-modified
Sat, 25-Sep-2021 17:13:03 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
383
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 17:13:03 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:03 GMT
last-modified
Sat, 25-Sep-2021 17:13:03 GMT
location
/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A592%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1362935389004%3Ahid%3A690348642%3Az%3A0%3Ai%3A20210925171303%3Aet%3A1632589983%3Ac%3A1%3Arn%3A694969706%3Arqn%3A1%3Au%3A1632589983784394973%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632589982578%3Ads%3A0%2C303%2C147%2C100%2C0%2C0%2C%2C148%2C5%2C%2C%2C%2C602%3Adsn%3A1%2C302%2C147%2C100%2C0%2C0%2C%2C51%2C6%2C%2C%2C%2C602%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632589983%3At%3AAccount%20Suspended%20-%20Ask.fm
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 17:13:03 GMT
formats.js
ad.lkqd.net/vpaid/ Frame BD69 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1632589983.cds132.fr8.hn,1632589983.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 0F9E 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1632589983.cds132.fr8.hn,1632589983.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame DF08
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553
43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method
GET
:authority
a.vidoomy.com
:scheme
https
:path
/api/rtbserver/cookie?i=CEN&uid=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-type
image/gif
content-length
43
content-encoding
none
set-cookie
vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJmMjFkM2E5ZS1hNGExLTQ4NzMtODRmNi1iMTYyNDVjZWI3MjEtNjE0ZjU4OWYtNTU1MyIsImV4cGlyZXMiOjE2MzUxODE5ODN9fX0=; Path=/; Domain=vidoomy.com; Expires=Sun, 25 Sep 2022 17:13:03 GMT; Secure; SameSite=None
vary
Origin

Redirect headers

date
Sat, 25 Sep 2021 17:13:03 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1632589983730;Expires=Wed, 24 Nov 2021 17:13:03 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=25e22c99-6acc-4f03-a6c8-63e1754dbe1f;Expires=Wed, 24 Nov 2021 17:13:03 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_3WAY_SYNCS=;Expires=Wed, 24 Nov 2021 17:13:03 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553
content-length
0
via
1.1 google
alt-svc
clear
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=897688&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=897688&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=v...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=897688&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632589983
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
6xQ5x1BXuS-hEHDh2AwZihhbZxGJLfvfJaiMLIj2zfmop5upVVMNvg==

Redirect headers

date
Sat, 25 Sep 2021 17:13:03 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=897688&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632589983
content-length
281
x-amz-cf-id
zU0tkBLqwzhPANlTvsz8puP7icRHuStwGQ04_xSamBjEmR6gX3SRVA==
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=477388954.516702061776682537.5950449
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=477388954.516702061776682537.5950449
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6344ec75-1c56-4788-8567-344c623af1d1&user_group=1&ssp=vidoomy&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Date
Sat, 25 Sep 2021 17:13:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2132261504
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2132261504
  • https://sync.1rx.io/usersync/tradedesk/55b3b496-f579-440a-904c-cb231f86d3bc
  • https://sync.targeting.unrulymedia.com/csync/RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-0eea9e51-22c6-41b2-bbbe-0e1...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003
date
Sat, 25 Sep 2021 17:13:03 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0eea9e5122c641b2bbbe0e1def4616e0003
content-type
text/html
auto-user-sync
ads.stickyadstv.com/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: ask.fm
URL: https://ask.fm/dimpleleaf174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:03 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1632589983578029-382
Expires
Sat, 25 Sep 2021 17:13:03 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame D313 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632589983.cds132.fr8.hn,1632589983.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame BD69 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=23532825&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.69 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d9bca32135f63f5e09efbeb495dfc732532423f195c5a3983dc4d044c51b1f02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1358
usync.html
ad.lkqd.net/cookie-sync/ Frame D035 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632589983.cds132.fr8.hn,1632589983.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 0F9E 		180 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148643&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=10365328&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.69 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
pixel
cm.g.doubleclick.net/ Frame D313
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=QjhuMHBUT3hXcm8
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=QjhuMHBUT3hXcm8&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=QjhuMHBUT3hXcm8&google_tc=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=QjhuMHBUT3hXcm8&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lkqd
event.clientgear.com/cookie/ Frame D313
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=iEPG6ZyxYDg
0
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=iEPG6ZyxYDg
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-length
0

Redirect headers

date
Sat, 25 Sep 2021 17:13:03 GMT
server
nginx
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=iEPG6ZyxYDg
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame D313
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=xd4LHD43_vo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=8128ae9c-5111-408d-9026-95df7974a732
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=8128ae9c-5111-408d-9026-95df7974a732
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.78 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:04 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=8128ae9c-5111-408d-9026-95df7974a732
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame D313
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=9_DRYUd2rAc
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=9_DRYUd2rAc
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.212.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:03 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 25 Sep 2021 17:13:03 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=9_DRYUd2rAc
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame D313
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4478057778296896944
43 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4478057778296896944
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.78 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4478057778296896944
pragma
no-cache
date
Sat, 25 Sep 2021 17:13:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D035
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=OHJkby0tNW1HbkE
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=OHJkby0tNW1HbkE&google_tc=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=OHJkby0tNW1HbkE&google_tc=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=OHJkby0tNW1HbkE&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lkqd
event.clientgear.com/cookie/ Frame D035
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=tD7yckwaGac
0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=tD7yckwaGac
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-length
0

Redirect headers

date
Sat, 25 Sep 2021 17:13:03 GMT
server
nginx
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=tD7yckwaGac
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame D035
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=OfEVR28IWIM&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7568e9fe-38c9-4143-8cc1-df8bd7ca4206
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7568e9fe-38c9-4143-8cc1-df8bd7ca4206
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.78 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:04 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7568e9fe-38c9-4143-8cc1-df8bd7ca4206
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame D035
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=FdfmZyOpPOE
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=FdfmZyOpPOE
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.212.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:04 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 25 Sep 2021 17:13:03 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=FdfmZyOpPOE
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame D035
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4550115372334824880
43 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4550115372334824880
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.78 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=4550115372334824880
pragma
no-cache
date
Sat, 25 Sep 2021 17:13:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 23AB 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 52AE 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632589983.cds132.fr8.hn,1632589983.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame EDB2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
sr59=1||1632589983; lkqdidts=1632589983; sr103=1||1632589983; sr102=1||1632589983; sr99=1||1632589983; sr94=1|4478057778296896944|1632589983; lkqdid=_M04G1iHkbc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 17:13:03 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632589983.cds132.fr8.hn,1632589983.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=23532825&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.69 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:04 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 52AE 		86 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=23532825&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.69 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
ac243b23762e4a07032d021b32c1c8b457ffe8f3974bead1ae294ea15898291e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6250
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cs
cs.lkqd.net/ Frame EDB2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=AjWmp0epTDRp_YgNDP0agdiDckk
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=AjWmp0epTDRp_YgNDP0agdiDckk
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.78 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=AjWmp0epTDRp_YgNDP0agdiDckk
Date
Sat, 25 Sep 2021 17:13:04 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame EDB2
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_083d9508-1a0d-46dd-b5b7-6e402c26ca75
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_083d9508-1a0d-46dd-b5b7-6e402c26ca75
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.78 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_083d9508-1a0d-46dd-b5b7-6e402c26ca75
date
Sat, 25 Sep 2021 17:13:04 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
clear
content-length
0
cm
p.rfihub.com/ Frame EDB2 		42 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:04 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame EDB2
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
  • https://a.tribalfusion.com/i.match?p=b30&u=_M04G1iHkbc&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://s.tribalfusion.com/z/i.match?p=b30&u=_M04G1iHkbc&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662308853187965
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662308853187965
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.78 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:04 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
668
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6945e18969d1d721-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662308853187965
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame EDB2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAJTgk7CnrEAADbPlSHbHg
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAJTgk7CnrEAADbPlSHbHg
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.78 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAJTgk7CnrEAADbPlSHbHg
Date
Sat, 25 Sep 2021 17:13:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 91A5 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 2B08 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
/
adx.adform.net/adx/ 		65 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,,
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=471646176&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C6308726844055788939887478669%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:04 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000248
X-SpotX-Timing-SpotMarket
0.009843
X-SpotX-Timing-Page-Mux
0.000798
X-SpotX-Timing-Page-Require
0.000369
X-fe
118
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
Content-Length
77
X-SpotX-Timing-Page
0.014055
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000287
Last-Modified
Sat, 25 Sep 2021 17:13:04 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009843
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.002477
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000008
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
adx.adform.net/adx/ 		65 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=163799699&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5?gdpr=0&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-F10BoFpE2p6aclac0QVvHUPAscXsS_7oHekg~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-F10BoFpE2p6aclac0QVvHUPAscXsS_7oHekg~A&_origin=0&nsync=1&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-F10BoFpE2p6aclac0QVvHUPAscXsS_7oHekg~A&_origin=0&nsync=1&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:04 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.138
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Sat, 25 Sep 2021 17:13:04 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-F10BoFpE2p6aclac0QVvHUPAscXsS_7oHekg~A&_origin=0&nsync=1&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17142597176308726844055788939,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f5fd425fc2c941865be5b770d6a6ab2bd4bb2e41d2988104447132e7aa678a62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:04 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632589984266046-418
Expires
Sat, 25 Sep 2021 17:13:04 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C13123278266308726844055788939,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
87f061a51a572a2acf5fae1148e6f4cd90a06860c751d1c2615041481f431ac8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:04 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632589984345021-419
Expires
Sat, 25 Sep 2021 17:13:04 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C6308726844055788939824415883%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3b952b3f1e0a77611474b4d168a3ba3c72b4be7ad57a071f8ef5061b2eab7ad3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:04 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1188
x-sticky-vk
1632589984345022-419
Expires
Sat, 25 Sep 2021 17:13:04 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C6308726844055788939783274585%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8f6b753276fb19689d62bc8faa080e61d670c5be241c973bf261f8825821d584

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:04 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1188
x-sticky-vk
1632589984287044-382
Expires
Sat, 25 Sep 2021 17:13:04 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=732147395&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VAd81f3d6e-1e23-11ec-b296-068489b665ff?gdpr=0&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-6qVUILZE2p6H6DeFh_vhbJsDZI_..Sd3EvbK~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-6qVUILZE2p6H6DeFh_vhbJsDZI_..Sd3EvbK~A&_origin=0&nsync=1&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-6qVUILZE2p6H6DeFh_vhbJsDZI_..Sd3EvbK~A&_origin=0&nsync=1&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:04 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.138
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Sat, 25 Sep 2021 17:13:04 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-6qVUILZE2p6H6DeFh_vhbJsDZI_..Sd3EvbK~A&_origin=0&nsync=1&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
av
vidoomy-d.openx.net/v/1.0/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,,
48 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
gzip
server
OXGW/16.216.3
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 25 Sep 2021 17:13:04 GMT
via
1.1 google
server
OXGW/16.216.3
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
content-length
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
a93424c9abbb8dfbf54ab7ac46a0e4233a11f53e2b0a5fcea0264abc13e7aca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
M3IfGVCUI0rdK2CsR/uUxw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
Mz89cCFJbFfD3sOLgsGxw6vcuy7K2FlZ/gWh4FhiIX1jAue319bcJ3kzaJOQ5Wg+mvAmBPxsj+g9/iUQa30WGA==
x-fb-trip-id
686109401
x-fb-content-md5
73538915794030db6bc531c17e403780
x-frame-options
DENY
date
Sat, 25 Sep 2021 17:13:04 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"452e794430fe8ecbae5cd6c83ff7bc0b"
timing-allow-origin
*
expires
Sat, 25 Sep 2021 17:13:47 GMT
gtm.js
www.googletagmanager.com/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
677dbd144709b39776555be63083a7789315b41255335fc423014eedc26c04d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40288
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 25 Sep 2021 17:13:04 GMT
3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
cmp.optad360.io/items/ 		2 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-119.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 16:45:47 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 09:49:58 GMT
server
AmazonS3
age
1638
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2
x-amz-cf-id
TNu61D-Jo8ZzcvbvFl2tftxA4LB1soo7f9jkJcJu6qMpQI_Bj5uPUQ==
plugin.min.js
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-6.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a76103406e7e58113441df8f2771a0f85544abb8f4abbf2ada5639b7326b659

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:00:14 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 14:22:28 GMT
server
AmazonS3
age
771
etag
W/"4074a1126a14c337156303ffa83e7e61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8nQjyc-M0OuFwb7JR4M-ObvPQAB5d-ZMYfdlCNQ9bw-KSm6a-xzV8g==
v2ftbbdgjShj9cn-PQTFZOw4lZHs9wIzao85LOpZodWD1ckuccFkaHcbvffZrb3cy6ZeSklSffErFDD4EYw
colossalcoat.com/ 		216 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2ftbbdgjShj9cn-PQTFZOw4lZHs9wIzao85LOpZodWD1ckuccFkaHcbvffZrb3cy6ZeSklSffErFDD4EYw
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
183f6540981cc2cff9cef46b0b44c71f7c99156a7840de786f453c220dc6890a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sat, 25 Sep 2021 17:13:04 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
e47ab626
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Sat, 25 Sep 2021 17:13:03 GMT
sdk.js
connect.facebook.net/en_US/ 		263 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0557b70439188beae385b57d9610ce3d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
d730a56c524dd0fcc585ee044ff1e9263faab484c62d326aceb4e379fc781457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Oi7HodFVviwq7IEe2u2eYw==
cross-origin-resource-policy
cross-origin
expires
Sun, 25 Sep 2022 14:57:45 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76125
x-fb-rlafr
0
x-fb-debug
V7PqRImQU3qaQlv3NQTV4HQ9ya5vbQAaw1jr7YHXrjbvGH6Ju5WUrcyD90zqRyEUhmXkCwstwOWSNwbcw5pjTQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
265e13a8a056032d5c2ec578a02de058
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 25 Sep 2021 17:13:04 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ab2466e906f14af20a17cf7bf5ab64e1"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&rl=&if=false&ts=1632589984569&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 25 Sep 2021 17:13:04 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1264
date
Sat, 25 Sep 2021 16:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 25 Sep 2021 18:52:00 GMT
v2qtv3jTjwLFeXA0CyEKdxG7a_r4WCz4jWnhFn9wOMFCiKuIid1KWIfkT0WDO812jUKqtTLYF7DX2JyZPAw
colossalcoat.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2qtv3jTjwLFeXA0CyEKdxG7a_r4WCz4jWnhFn9wOMFCiKuIid1KWIfkT0WDO812jUKqtTLYF7DX2JyZPAw
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sat, 25 Sep 2021 17:13:04 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
x-hostname
e47ab626
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=35849014&t=pageview&_s=1&dl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&ul=en-us&de=UTF-8&dt=Account%20Suspended%20-%20Ask.fm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1948278205&gjid=431211743&cid=830168045.1632589985&tid=UA-12308109-15&_gid=697122398.1632589985&_r=1&gtm=2wg9m0NDJVZHZ&z=92389531
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-12308109-15&cid=830168045.1632589985&jid=1948278205&gjid=431211743&_gid=697122398.1632589985&_u=YEBAAEAAAAAAAC~&z=1850791943
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.120.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wd-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 25 Sep 2021 17:13:04 GMT
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid4.39.0.js
get.optad360.io/sf/ 		492 KB
493 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid4.39.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-6.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 09:46:29 GMT
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 10:44:35 GMT
server
AmazonS3
age
4519596
etag
"e020700f5effdce1f4be56434553da72"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
503605
x-amz-cf-id
qZbyD_APBzKly-JQ5Ua80k5oD_pDHtZ1t33WvnkeYr6o-veBNz-esA==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1693
date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
gzip
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210925
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d766a9a8cba29e030ed823e1cb7797fe855542c31cfa6e8786738cc4ee9172c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
38128
x-jsd-version
1.0.1110
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19147-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"695-HhUJ4couHeu7Ei08//CtsL9+X8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6945e18d0f50176e-FRA
localstore.js
script.4dex.io/ 		483 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 Sep 2021 13:44:43 GMT
server
cloudflare
age
98700
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6945e18d2eecc277-FRA
x-amz-request-id
2T3ADNM0NA6XVJTY
x-amz-id-2
jfJxyshidfcTxFueSvcRLpZDL5svkJH7V5xVWWKPLBAqwrRRvGkDD6FTjU7Ytu9bd2Xme4HjNt4=
expires
Sat, 25 Sep 2021 17:43:04 GMT
json
gum.criteo.com/sid/ 		320 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
07937a6c164e07a866ffebb0075c63cd59abaf51d7d7ec8288e989bcaa92e4ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 25 Sep 2021 17:13:04 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2357
expires
0
/
adx.adform.net/adx/ 		5 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTQ3MzE3MWNkLWRiYTctNDdjMC1hZjIzLWE1ZWI0NzBlYTcxNyZyY3VyPVBMTg%3D%3D&pt=gross&stid=47024951-8ecb-49c2-bb49-03aaa1ed2c7b&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:04 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cygnus
htlb.casalemedia.com/ 		24 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223cffba14fbeda9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fdimpleleaf174%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22486bfc8a575f02%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22486bfc8a575f02%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22486bfc8a575f02%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e72e1f546abddf9871f231c92d6ed1d1ae30b67e2e86f18af763ee2f791c7434

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.73], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ask.fm
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Sat, 25 Sep 2021 17:13:04 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
2d917facccaa2e9b926dc0e03d9cd5fb9799a38616b1fd921c249049215b1b41

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b1%3b52
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
26de30b34acac82a854c76a16e83cdc62cc9ee830353b33c6a0a7e0a6af3afb3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:04 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f8f33a49-1f1e-4f92-9c67-0b43cdc788d1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
126f70bb2559a1cc9e0ba41830e7d5e4e84abb8789409cfa6d89bf5020fd7655
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:05 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a10e3a42-7ccc-4b4f-9e21-935f13848c3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apacdex
useast.quantumdex.io/auction/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
cf-ray
6945e18d39bd2c22-FRA
v2
i.connectad.io/api/ 		0
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6945e18d393f5b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
c
prebid.a-mo.net/a/ 		861 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
f8ea138521526c7cce3a5014c2198678efe300eef2415583a8768bedbde1dd0e

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
55
content-length
356
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ask.fm
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dce90c8d06a68d557afc87d1783527292438bda3950121393107dcb663dae07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
98702
x-amz-request-id
CNRGFM9Z8PRR9JBY
x-amz-id-2
n7qrxCVm49XhOvATybVxMFIY7ETqYAXMxDKOkZyeDkmWK3DBJkDcX/kHr6yqtx8RrHbm/n8pP0M=
last-modified
Fri, 24 Sep 2021 13:44:41 GMT
server
cloudflare
etag
W/"6cbe4a566109f9ab6c378764f4c5ba22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
6945e18d5c724e67-FRA
expires
Sat, 25 Sep 2021 17:43:04 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 2B08 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_68c68ea6.js
vpaid.springserve.com/production/ Frame 9B7D 		491 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:36:21 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 17:34:44 GMT
server
AmazonS3
age
257804
etag
W/"c41b3f31e617ac05abbd6b79785bd64a"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
q_p7C77pcc2ulxsDf3YnY_1febKaQzizPDZ_aeWZvlbN1REIaefOVg==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
t
t.lkqd.net/ Frame 2B08 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
prebid
ib.adnxs.com/ut/v3/ Frame 9B7D 		165 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bb5fc650e66e1c93747a1c71b5d8328f780f3d0ba93eb7faff49eeb1c1d9b542
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:05 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3ea5ae6f-7cb2-4d2c-83d8-b36c84839642
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
165
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 9B7D 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.159.45.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-45-88.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 9B7D 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f3555f5b3c03b8c7f12bf4d9415a72f99adbd5b58fc4130c3c5fc2a434be6e3a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:05 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0f067c6e-8ba1-4b5a-8a1b-ccd79ab1be57
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9B7D 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b10616760c90d4e265f25a7f3ff89851887f0ae4d91e11071a940788b151ef08
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:05 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f8922b2f-b26b-4cfb-bfd7-506470e43949
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9B7D 		963 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&schain=1.0,1!vidoomy.com,54345,1,1632589984275,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
07f075bf5d549cbb4e0e14658ebdabe82db4a027f5a2d349581d7f00f77e7ef1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:05 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
592
expires
Sat, 25 Sep 2021 17:13:05 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D206 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&schain=1.0,1!vidoomy.com,54345,1,1632589984275,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 98DF 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&schain=1.0,1!vidoomy.com,54345,1,1632589984275,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=83022
expires
Sun, 26 Sep 2021 16:16:47 GMT
date
Sat, 25 Sep 2021 17:13:05 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D206 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&schain=1.0,1!vidoomy.com,54345,1,1632589984275,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=83022
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Sun, 26 Sep 2021 16:16:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 98DF 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24013235&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3577c44d0ec4a3f5bb93919343bf66936d9471d28a9dd11c333615f9f3408a50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame C38D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D99664AA-4F47-4114-BAAE-E70B620016F6
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D99664AA-4F47-4114-BAAE-E70B620016F6
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D99664AA-4F47-4114-BAAE-E70B620016F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=D99664AA-4F47-4114-BAAE-E70B620016F6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:05 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8284600391802137550; expires=Wed, 24 Nov 2021 17:13:05 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 25 Sep 2021 17:13:05 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D99664AA-4F47-4114-BAAE-E70B620016F6
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Mon, 25 Oct 2021 17:13:05 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame E43E
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1518085779537032752
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1518085779537032752
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1518085779537032752
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=D99664AA-4F47-4114-BAAE-E70B620016F6; chkChromeAb67Sec=1; DPSync3=1633737600%3A201_197_219%7C1632614400%3A174; SyncRTB3=1633737600%3A54_161_3_8_220_13_7_21_56%7C1633824000%3A35; PUBMDCID=3; KRTBCOOKIE_57=22776-1866752352706313644; PugT=1632589985; KRTBCOOKIE_153=19420-AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w&KRTB&22979-AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w; KRTBCOOKIE_27=16735-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&16736-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&23019-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&23114-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69; KRTBCOOKIE_377=6810-55b3b496-f579-440a-904c-cb231f86d3bc&KRTB&22918-55b3b496-f579-440a-904c-cb231f86d3bc&KRTB&23031-55b3b496-f579-440a-904c-cb231f86d3bc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:05 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-1518085779537032752; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 17:13:05 GMT; path=/ PugT=1632589985; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 17:13:05 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 17:13:05 GMT; path=/
x-lat
lhrpug005:0:912
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1518085779537032752
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 1347 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sat, 25 Sep 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
245552
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 98DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2ZZkqk9HQRS6rucLYgAW9g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=160786
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Mon, 27 Sep 2021 13:52:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 98DF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9f1614f-58a1-4400-b875-4972f5d298e1
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9f1614f-58a1-4400-b875-4972f5d298e1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 25 Sep 2021 17:13:05 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f9f1614f-58a1-4400-b875-4972f5d298e1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 25 Sep 2021 17:13:04 GMT
/
pixel.onaudience.com/ Frame 98DF
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=D99664AA-4F47-4114-BAAE-E70B620016F6
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f3f0d732b0050e1fe8041a07f4420091
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 98DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDk5NjY0QUEtNEY0Ny00MTE0LUJBQUUtRTcwQjYyMDAxNkY2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:389
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 98DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:383
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
333
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 98DF 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 24 Sep 2021 17:13:05 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 98DF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=55b3b496-f579-440a-904c-cb231f86d3bc
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=55b3b496-f579-440a-904c-cb231f86d3bc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:620
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=55b3b496-f579-440a-904c-cb231f86d3bc
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 98DF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=368486660504022358
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=368486660504022358
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:933
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:05 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=368486660504022358
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 98DF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:402
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 25 Sep 2021 17:13:05 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 25 Sep 2021 17:13:04 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 98DF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1866752352706313644&gdpr=0&gdpr_consent=
42 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1866752352706313644&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:554
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:05 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7b01176c-18e3-4262-af03-7d1c6fda2544
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1866752352706313644&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 98DF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w
42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:555
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=690348642&page-url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&rn=447058309&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1632589986%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925171305%3Au%3A1632589983784394973%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632589986
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:05 GMT
last-modified
Sat, 25-Sep-2021 17:13:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 17:13:05 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame D206 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&schain=1.0,1!vidoomy.com,54345,1,1632589984275,,&us_privacy=&cb=1632589985423&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fdimpleleaf174&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fdimpleleaf174&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-25%2017:13:5&ranreq=0.7249800377780027&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&schain=1.0,1!vidoomy.com,54345,1,1632589984275,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:06 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=690348642&page-url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&rn=514136424&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632589986%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925171305%3Au%3A1632589983784394973%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632589986
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:06 GMT
last-modified
Sat, 25-Sep-2021 17:13:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 17:13:06 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 9B7D 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fask.fm%2Fdimpleleaf174&_fw_gdpr=&_fw_gdpr_consent=&cb=1632589984275&width=400&height=225&dnt=&ip=146.20.132.74&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&schain=1.0,1!vidoomy.com,54345,1,1632589984275,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:06 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632589986041023-428
Expires
Sat, 25 Sep 2021 17:13:06 GMT
track
aktrack.pubmatic.com/ Frame 9B7D 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632589985&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:06 GMT
content-length
0
content-type
text/html
i
vid-io-cle.springserve.com/vd/ Frame 9B7D 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=ad356b76&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.128.15.210 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-15-210.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:06 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
truncated
/ Frame 52AE 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame D127 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1632589986.dop205.fr8.t,1632589987.cds143.fr8.shn,1632589987.cds143.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116229
t
t.lkqd.net/ Frame 2B08 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:06 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame D127 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1632589987229
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:07 GMT
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1632589987.dop205.fr8.t,1632589987.cds055.fr8.shn,1632589987.cds055.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
wGbQAlJJ
sync-tm.everesttech.net/upi/pid/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=74bfb593c4a7cc6fb688565758ed73b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g015_7011920601942695000
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=15&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=55b3b496-f579-440a-904c-cb231f86d3bc
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/74bfb593c4a7cc6fb688565758ed73b&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-olKPHKpE2oP_ql61nxOhdoVwxzJFMeIG4BPlcIji~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1866752352706313644
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAJTgk7CnrEAADbPlSHbHg&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8284600391802137550
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=UXhVP50d1MubeA5
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame D127 		301 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fask.fm%2Fdimpleleaf174
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:07 GMT
Server
nginx
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1632589987239011-387
Expires
Sat, 25 Sep 2021 17:13:07 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame D127 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C54345%2C1%2C17142597176308726844055788939%2C%2C&vav=726a552a616cbc07b470d216beb20b7d&vaviv=1fa43e0fd4b652da7cd34ee9142846b6&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.0.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fask.fm%2Fdimpleleaf174&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:07 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632589987097082-384
Expires
Sat, 25 Sep 2021 17:13:07 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:07 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632589987225023-376
Expires
Sat, 25 Sep 2021 17:13:07 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74bfb593c4a7cc6fb688565758ed73b&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74bfb593c4a7cc6fb688565758ed73b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
M2W2H867A66EPVBMF49V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:07 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74bfb593c4a7cc6fb688565758ed73b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632589987261013-428
Expires
Sat, 25 Sep 2021 17:13:07 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:07 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 2B08 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:07 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
optad360.js
serving.stat-rock.com/player/ 		307 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:07 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 07:45:44 GMT
server
nginx
etag
W/"6135c728-4caf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d7d631acec0e103fd3b9eeb25251cbf8a0a34a46042355426e2574333f2ebe6d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:07 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2eb45a6a-ce8e-469f-9497-a92cbaad0f44
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ 		5 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPWExMzA1ZjI3LTk2ZTQtNDRiYy05M2Q5LWE5MzE0YjcwOWVhNiZyY3VyPVBMTg%3D%3D&pt=gross&stid=cb00ebab-e4d3-4b63-bfde-b67bf08faaff&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		139 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c142157c7fc3dc229fe700ecc5e9f3d581724d87bc3a95cdda2caef457199b8f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:07 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
07da4b6d-9a5f-4247-84b8-f53aa7bafff7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=690348642&page-url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&rn=248077335&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632589988%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A20210925171307%3Au%3A1632589983784394973%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632589988
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:07 GMT
last-modified
Sat, 25-Sep-2021 17:13:07 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 25-Sep-2021 17:13:07 GMT
ad
v.lkqd.net/ Frame BD69 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=49225472&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.69 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
f5c8a792a541db5340839cc1cedbe0a3c90b6779fb4c7b38093103bf14a445c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1359
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Cookie set dimpleleaf174
ask.fm/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/dimpleleaf174
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.144 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
1c6d933e229c0d6b58c2198cafb0fd0e669a4f30a97876df6a251bd6ea3be5ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/dimpleleaf174
Cookie
locale=de; uuid=f70b640c-d4b3-4314-885e-4324846407d7; country=DE; _m_ask_fm_session=NEI4K3kwRnkxUi9NK2MxSWo4Z25UazArME1aZHQyR0gzWDVGeDljTHU1N2NKWERzUTcrSVhpY2R1YlJwbE12ajBQUFozbkxSSE5mbXJ0cHhrNGZuZVBSR0RObzF2RTR4NW1LNmhhcXN3dkxTOUJFM0xaVEhHd0lvTURZejM5VURWOFZ5TXRKeUkwSmdZaUdDazMwTS9acWg5cW1pSHhPcDI5SzNzTHMzUDNjdUNUSlRNQjZ6SWdOK3VpTzk3N0FhMCs1bUhGdzhQQ09nODB2MW1CVWxVNlRIaDZOTklsVm13RWxCdHBWZiswb29VWWpXazl4cjBtWTN2dTQzQUpaYi0tRU1CMmZjekE4cHFjb2xUVnAvVWthQT09--a77082c7008bd1471ec43ba576b2c5e3a49f1c95; _ym_uid=1632589983784394973; _ym_d=1632589983; _ym_isad=2; _ym_visorc=w; _awl=2.1632589984.0.4-49e9ded7-8ec9b471fd7e9a557c1418b58e3c25c8-6763652d6575726f70652d7765737431-614f58a0-0; _ga=GA1.2.830168045.1632589985; _gid=GA1.2.697122398.1632589985; _gat_UA-12308109-15=1; _pbjs_userid_consent_data=6683316680106290; cto_bidid=5xC11V9iSlVMOTVFTEtQUDhtQ1JDMGd1SktoTk9xQ3NCd1JFVU83MldYc053S0U4YlpaVGdTWTQyTkJuZ0ZhR2RTdVZtYVJMS0RQcnFVSkM1dkhXbCUyRm9QRHFBJTNEJTNE; cto_bundle=yGeSPF9za2lEWWdxclBORyUyQkJLaG5TbU0lMkZIRVU1TW03MFJBc09FNyUyQjd2eGdyaGY5QXVXWkhQejZSZHpvOGs0MDlUOCUyRmVocWMyNW82d2lDVHNVREpzUnhTeHJFS1A4dTRRZXJpc0hPZ2JCb3h4U09ZJTNE
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/dimpleleaf174
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
text/html; charset=utf-8
Status
410 Gone
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Sun, 25 Sep 2022 23:13:08 GMT _m_ask_fm_session=Q2tPckl2YWlnbHZMeHV1K3UvaHlwR09jaGFlbVBPemY5SDJBN3c3MWk2WlQwVVpUTWlDNUtLV0hFRkdrK3l6cUJiUm4rcXVTQmZiWC9tQVNacjlOOTVOV1dJQmtObm82RVl4Q2Q2eDUrQ0JUdnlGcFA3N3dhanc1eFpGN0ptTHFVM0dMblh6dnFSNW4waUUwV1EzL08wZ2FZQjQ0S1UzOEFkZmdicjVGQ0dCbElhaDVoQklsTmMwemk3Vyszbm9la3FFNDFtTVE0SXFKNWU4SnQ1U0JFWnFZNHQxS2FQMG1ZM1ptbGtGcXUxbDBWODVvbjlXbUErbmltWWdRc0d6aS0tMlNadDFyNkVMeElWRnI3Mkg0L2Z6dz09--44650755cc598a7c256d47751f354eba01f1e72e; path=/; expires=Tue, 28 Sep 2021 17:13:08 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/ 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632589988048.8003&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fdimpleleaf174&t=138&v=96&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.8722239042323034
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:08 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632589988048.8003&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fdimpleleaf174&t=142&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.04312137642838887
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:08 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
/
onetag-sys.com/usync/ Frame A3DA 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1632589987743
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1632589987743
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5C81 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=1866752352706313644; icu=ChgI_t1aEAoYAiACKAIwo7G9igY4AkACSAIQo7G9igYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sun, 26 Sep 2021 17:13:10 GMT
Date
Sat, 25 Sep 2021 17:13:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame DF2C 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1632589984841
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1632589984841
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
connectmyusers.php
cdn.connectad.io/ Frame CE20 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
uid=lf7Jjxsaz10WY2Cq7tg7Dvs8kEKBgHljC9MdDV9z
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6945e1a25da95b8c-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sspmatch-iframe
ads.betweendigital.com/ Frame BDBE 		658 B
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
b7639da768591a740c6b58bc9ddcc9631a1590a3fed56e061969897364096130

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
dc=was1; tuuid=c37676ff-beca-530c-89de-a8a6e891f007; ut=YU9YoQABBbhNorOdvZisqIJkuoBLsbR0eh4XAw==; ss=1; unm=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
set-cookie
unm=; Max-Age=0; Expires=Sat, 25 Sep 2021 17:13:08 GMT; Path=/; SameSite=None; Secure
content-length
658
apacdex
sync.quantumdex.io/usersync/ Frame E0C0 		3 KB
886 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f81547002f4fd33e9755a9f6f2adff853fad8d331d995e9ab268744baa7c4f16

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/apacdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
uid=15c037f3-11a6-4dce-aac3-04f782ee5a2e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-type
text/html
set-cookie
uid=15c037f3-11a6-4dce-aac3-04f782ee5a2e; expires=Fri, 15 Oct 2021 17:13:08 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6945e1a25d882c22-FRA
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1038 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=1866752352706313644; icu=ChgI_t1aEAoYAiACKAIwo7G9igY4AkACSAIQo7G9igYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sun, 26 Sep 2021 17:13:10 GMT
Date
Sat, 25 Sep 2021 17:13:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 86BC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 25 Sep 2021 17:13:08 GMT
Connection
keep-alive
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=appnexus&uid=1866752352706313644
0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=appnexus&uid=1866752352706313644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:07 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f7854007-8616-4e93-b40d-7ebf87ecd60f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=appnexus&uid=1866752352706313644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=pubmatic&uid=D99664AA-4F47-4114-BAAE-E70B620016F6
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=pubmatic&uid=D99664AA-4F47-4114-BAAE-E70B620016F6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:07 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=pubmatic&uid=D99664AA-4F47-4114-BAAE-E70B620016F6
date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=7aad1080-f1f2-48c4-a69f-25c9683790df
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=7aad1080-f1f2-48c4-a69f-25c9683790df&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
  • https://prebid.a-mo.net/setuid/verizon_video?uid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5&gdpr=0&gdpr_consent=
0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:07 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://prebid.a-mo.net/setuid/verizon_video?uid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=sovrn&uid=3cb4b388af008b1e3c1679e3
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=sovrn&uid=3cb4b388af008b1e3c1679e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=sovrn&uid=3cb4b388af008b1e3c1679e3
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7aad1080-f1f2-48c4-a69f-25c9683790df%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1
  • https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=index_rtb&uid=YU9YpIvEk4ZlqQwmE-kNwgAA%261104
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=index_rtb&uid=YU9YpIvEk4ZlqQwmE-kNwgAA%261104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=7aad1080-f1f2-48c4-a69f-25c9683790df&D=&bidder=index_rtb&uid=YU9YpIvEk4ZlqQwmE-kNwgAA%261104
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Sat, 25 Sep 2021 17:13:08 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame 98B5 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632589988.cds132.fr8.hn,1632589988.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
async_usersync
ib.adnxs.com/ Frame 5C81 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
63b745b6-7819-4276-b381-24f43d87bc50
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 7298 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cff2a37cdee3d1b34383ebc36078ea081f079ece3180bdfb149706961a93ed88

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YU9YpIvEk4ZlqQwmE-kNwgAA; CMPS=5225
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|39|230|3|13|111|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1763
Expires
Sat, 25 Sep 2021 17:13:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Connection
keep-alive
Set-Cookie
CMID=YU9YpIvEk4ZlqQwmE-kNwgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Sep 2022 17:13:08 GMT CMPS=5225;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Dec 2021 17:13:08 GMT CMPRO=1104;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Dec 2021 17:13:08 GMT CMRUM3=0d614f58a405a0&03614f58a405a0&e6614f58a42760&c4614f58a405a0&6f614f58a405a0&f1614f58a405a0&2d614f58a405a0&27614f58a40b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Sep 2022 17:13:08 GMT CMST=YU9YpGFPWKQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 26 Sep 2021 17:13:08 GMT
async_usersync
ib.adnxs.com/ Frame 1038 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
00ca6ea3-5964-4fd4-9756-5614db9e78ae
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame F75C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
sr59=1||1632589983; lkqdidts=1632589983; sr103=1||1632589983; sr99=1||1632589983; sr94=1|4478057778296896944|1632589983; lkqdid=FdfmZyOpPOE; sr85=1||1632589983; sr90=1|4c_083d9508-1a0d-46dd-b5b7-6e402c26ca75|1632589984; sr80=1|AAJTgk7CnrEAADbPlSHbHg|1632589984; sr102=1|8128ae9c-5111-408d-9026-95df7974a732|1632589984; sr93=1|AjWmp0epTDRp_YgNDP0agdiDckk|1632589984
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632589988.cds132.fr8.hn,1632589988.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=49225472&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.69 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:08 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 98B5 		77 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=49225472&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.69 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
4a230fb87b8553133ee7a3bf10d8c6b5ad62ec9b03332c93a705eed2d557a50d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4921
1
sync-eu.connectad.io/syncer/ Frame 7813 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
sync-eu.connectad.io
:scheme
https
:path
/syncer/1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.connectad.io/
accept-encoding
gzip, deflate, br
cookie
uid=lf7Jjxsaz10WY2Cq7tg7Dvs8kEKBgHljC9MdDV9z; cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.connectad.io/

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
set-cookie
id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control
no-cache, private
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6945e1a2eefe5b8c-FRA
match
ads.betweendigital.com/ Frame BDBE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c37676ff-beca-530c-89de-a8a6e891f007&ssp=between&expires=30&user_group=1
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Date
Sat, 25 Sep 2021 17:13:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame BDBE
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uM5CpJZ75d6m.AikABlF8HfJCpQ
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uM5CpJZ75d6m.AikABlF8HfJCpQ
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f2-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uM5CpJZ75d6m.AikABlF8HfJCpQ
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame BDBE
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=3cb4b388af008b1e3c1679e3
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=3cb4b388af008b1e3c1679e3
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=3cb4b388af008b1e3c1679e3
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
match
ads.betweendigital.com/ Frame BDBE
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=c37676ff-beca-530c-89de-a8a6e891f007
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiksb2KBlIFvp7KygpiJGMzNzY3NmZmLWJlY2EtNTMwYy04OWRlLWE4YTZlODkxZjAwNw**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiksb2KBlIFvp7KygpiJGMzNzY3NmZmLWJlY2EtNTMwYy04OWRlLWE4YTZlODkxZjAwN6IBENrK6koeIxHspukAJZDIJDc*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABiksb2KBmIkYzM3Njc2ZmYtYmVjYS01MzBjLTg5ZGUtYThhNmU4OTFmMDA3ogEQ2srqSh4jEeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARiksb2KBmIkYzM3Njc2ZmYtYmVjYS01MzBjLTg5ZGUtYThhNmU4OTFmMDA3ogEQ2srqSh4jEeym6QAlkMgkNw**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=dacaea4a-1e23-11ec-a6e9-002590c82437
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=dacaea4a-1e23-11ec-a6e9-002590c82437
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=dacaea4a-1e23-11ec-a6e9-002590c82437
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
bidder_18.html
cache.betweendigital.com/code/ Frame 2C3E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=c37676ff-beca-530c-89de-a8a6e891f007&CACHEBUSTER=182228
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.82 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

:method
GET
:authority
cache.betweendigital.com
:scheme
https
:path
/code/bidder_18.html?USER_ID=c37676ff-beca-530c-89de-a8a6e891f007&CACHEBUSTER=182228
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.betweendigital.com/
accept-encoding
gzip, deflate, br
cookie
dc=was1; tuuid=c37676ff-beca-530c-89de-a8a6e891f007; ut=YU9YoQABBbhNorOdvZisqIJkuoBLsbR0eh4XAw==; ss=1; unm=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:08 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
cm
p.rfihub.com/ Frame F75C 		42 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame F75C 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame F75C 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.36.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
464986.gif
idsync.rlcdn.com/ Frame F75C
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
  • https://idsync.rlcdn.com/464986.gif?partner_uid=FdfmZyOpPOE
0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=FdfmZyOpPOE
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Sat, 25 Sep 2021 17:13:08 GMT
server
nginx
location
https://idsync.rlcdn.com/464986.gif?partner_uid=FdfmZyOpPOE
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame F75C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=O9K7oVeklgg5&ev=1&pid=561322
43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=O9K7oVeklgg5&ev=1&pid=561322
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.78 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=O9K7oVeklgg5&ev=1&pid=561322
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7cfb485474-bj5sl
expires
-1
Cookie set dimpleleaf174
ask.fm/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/dimpleleaf174
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.144 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
becd7b0a899d583d345d3fd5c18927fe52f330e586cc55379e8c16832726cc2c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/dimpleleaf174
Cookie
locale=de; uuid=f70b640c-d4b3-4314-885e-4324846407d7; country=DE; _ym_uid=1632589983784394973; _ym_d=1632589983; _ym_isad=2; _ym_visorc=w; _awl=2.1632589984.0.4-49e9ded7-8ec9b471fd7e9a557c1418b58e3c25c8-6763652d6575726f70652d7765737431-614f58a0-0; _ga=GA1.2.830168045.1632589985; _gid=GA1.2.697122398.1632589985; _gat_UA-12308109-15=1; _pbjs_userid_consent_data=6683316680106290; cto_bidid=5xC11V9iSlVMOTVFTEtQUDhtQ1JDMGd1SktoTk9xQ3NCd1JFVU83MldYc053S0U4YlpaVGdTWTQyTkJuZ0ZhR2RTdVZtYVJMS0RQcnFVSkM1dkhXbCUyRm9QRHFBJTNEJTNE; cto_bundle=yGeSPF9za2lEWWdxclBORyUyQkJLaG5TbU0lMkZIRVU1TW03MFJBc09FNyUyQjd2eGdyaGY5QXVXWkhQejZSZHpvOGs0MDlUOCUyRmVocWMyNW82d2lDVHNVREpzUnhTeHJFS1A4dTRRZXJpc0hPZ2JCb3h4U09ZJTNE; _m_ask_fm_session=Q2tPckl2YWlnbHZMeHV1K3UvaHlwR09jaGFlbVBPemY5SDJBN3c3MWk2WlQwVVpUTWlDNUtLV0hFRkdrK3l6cUJiUm4rcXVTQmZiWC9tQVNacjlOOTVOV1dJQmtObm82RVl4Q2Q2eDUrQ0JUdnlGcFA3N3dhanc1eFpGN0ptTHFVM0dMblh6dnFSNW4waUUwV1EzL08wZ2FZQjQ0S1UzOEFkZmdicjVGQ0dCbElhaDVoQklsTmMwemk3Vyszbm9la3FFNDFtTVE0SXFKNWU4SnQ1U0JFWnFZNHQxS2FQMG1ZM1ptbGtGcXUxbDBWODVvbjlXbUErbmltWWdRc0d6aS0tMlNadDFyNkVMeElWRnI3Mkg0L2Z6dz09--44650755cc598a7c256d47751f354eba01f1e72e
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/dimpleleaf174
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
text/html; charset=utf-8
Status
410 Gone
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Sun, 25 Sep 2022 23:13:08 GMT _m_ask_fm_session=OG9jVGJSamJ5RHFOcmxEMHdlaEhDNmtncU9ieWhoc2FxWSs0UkpZNjZVei9EZmtuU2ZyUTVkM1B2b1g3ZjBiTThib3E5OGZsZWtNUHluSkF4YmVNR1MwTWU3ZTQwdWZSaC94NzFqS3drZ255NkRTcndDNFExRzJoVUEvckt5VjdVbDVvQ2JSdmk4WVZNKzNYVEpaMUZ6YnZCUzBaQ2piN25wcXQzVjIvT3MzSUJiQllYUE1GNGNuV014U2MzM0dTbmN0YXhaQW1DS0xSaVNuQTFFemd0MXltaXpvYUE3OXl0V1lqSG1Rb1krRzVCdXBUMXhkQkJobmpDVUxOWmRVSC0tekx1S3ZSMHc2YnRMVzQ2MHVIZ0M4dz09--8b17136651755a3cc6659823d27052829af8e5d4; path=/; expires=Tue, 28 Sep 2021 17:13:08 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632589988048.8003&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fdimpleleaf174&t=385&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.6989537488369593
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:08 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 7298
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU9YpIvEk4ZlqQwmE-kNwgAA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU9YpIvEk4ZlqQwmE-kNwgAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU9YpIvEk4ZlqQwmE-kNwgAA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
325
Expires
Sat, 25 Sep 2021 17:13:08 GMT
dcm
s.amazon-adsystem.com/ Frame 7298
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DZBVRZJVMYEQBDZNBSEC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SEPD3MCP7S2DKQJXDJ6B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7298 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7298 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7298
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=1&gdpr_consent=
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 17:13:08 GMT

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
MT3 4033 f73cd20 master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=21cd614f-58a1-4d00-a8ef-28ac81915f69&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 25 Sep 2021 17:13:07 GMT
crum
dsum-sec.casalemedia.com/ Frame 7298
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c0220407d4428ba6c6ea9a&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c0220407d4428ba6c6ea9a&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 17:13:08 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06c0220407d4428ba6c6ea9a&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 25 Sep 2021 17:13:08 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
match
c1.adform.net/serving/cookie/ Frame 7298 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 7298
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 25 Sep 2021 17:13:08 GMT

Redirect headers

date
Sat, 25 Sep 2021 17:13:08 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7298 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YU9YpIvEk4ZlqQwmE-kNwgAA%261104
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1481
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 17:37:49 GMT
us
sync.go.sonobi.com/ Frame E0C0 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1866752352706313644
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1866752352706313644
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6945e1a34f2e2c22-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
28eb1ef6-b617-48c5-b925-f6366ce0a2c7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1866752352706313644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gmvdP49E2uE0sucQEQAhFVLcklrWRsUcT9rRUeQ-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gmvdP49E2uE0sucQEQAhFVLcklrWRsUcT9rRUeQ-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6945e1a35f672c22-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gmvdP49E2uE0sucQEQAhFVLcklrWRsUcT9rRUeQ-~A
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E0C0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003&rndcb=3036468328
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52&google_hm=ODlkYzc5YzctOTBhMS00YWU3LTk2OWYtYzg1ZmE0M2I1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52&google_hm=ODlkYzc5YzctOTBhMS00YWU3LTk2OWYtYzg1ZmE0M2I1YjUy
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52&google_hm=ODlkYzc5YzctOTBhMS00YWU3LTk2OWYtYzg1ZmE0M2I1YjUy
Date
Sat, 25 Sep 2021 17:13:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6945e1a36f892c22-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame E0C0
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.42.88 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p27.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:04 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sat, 25 Sep 2021 17:13:04 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8d8899d3-ef1c-4916-ad6b-cf121f740e63
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8d8899d3-ef1c-4916-ad6b-cf121f740e63
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6945e1a37f942c22-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8d8899d3-ef1c-4916-ad6b-cf121f740e63
date
Sat, 25 Sep 2021 17:13:08 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=21b813cb-0f6f-4612-b7e1-03f8bde89cbd
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=21b813cb-0f6f-4612-b7e1-03f8bde89cbd
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6945e1a4893d2c22-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=21b813cb-0f6f-4612-b7e1-03f8bde89cbd
date
Sat, 25 Sep 2021 17:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6945e1a35f692c22-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1866752352706313644
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1866752352706313644
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6945e1a36f8c2c22-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b07d11a1-13c3-47a2-b760-948ee76cf0cc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1866752352706313644
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E0C0
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3cb4b388af008b1e3c1679e3
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3cb4b388af008b1e3c1679e3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6945e1a36f7b2c22-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3cb4b388af008b1e3c1679e3
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
Cookie set uc.html
sync.go.sonobi.com/ Frame 3700 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YU9Yp; path=/; domain=.go.sonobi.com
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6E91 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f926c5bfc9bf3d9c9b00bc3b47d67b5d00f06326f6c47ec3e11a3235d5e5e17c

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YU9YpIvEk4ZlqQwmE-kNwgAA; CMPS=5225; CMPRO=1104; CMST=YU9YpGFPWKQA; CMRUM3=2d614f58a405a0&f1614f58a405a0&27614f58a40b40&6f614f58a405a0&c4614f58a405a0&e6614f58a42760&03614f58a405a0&0d614f58a405a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|206|4|221|195|218|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1678
Expires
Sat, 25 Sep 2021 17:13:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Connection
keep-alive
Set-Cookie
CMID=YU9YpIvEk4ZlqQwmE-kNwgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Sep 2022 17:13:08 GMT CMPS=5225;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Dec 2021 17:13:08 GMT CMPRO=1104;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 24 Dec 2021 17:13:08 GMT CMRUM3=6f614f58a405a0&27614f58a40b40&49614f58a405a0&03614f58a405a0&04614f58a405a0&e6614f58a42760&2e614f58a405a0&dd614f58a42760&c4614f58a405a0&f1614f58a405a0&2d614f58a405a0&da614f58a42760&ce614f58a405a0&9c614f58a405a00&c3614f58a405a00&0d614f58a405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Sep 2022 17:13:08 GMT
/
onetag-sys.com/usync/ Frame 3763 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 22C5 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=D99664AA-4F47-4114-BAAE-E70B620016F6; chkChromeAb67Sec=1; DPSync3=1633737600%3A201_197_219%7C1632614400%3A174; SyncRTB3=1633737600%3A54_161_3_8_220_13_7_21_56%7C1633824000%3A35; PUBMDCID=3; KRTBCOOKIE_57=22776-1866752352706313644; PugT=1632589985; KRTBCOOKIE_153=19420-AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w&KRTB&22979-AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w; KRTBCOOKIE_27=16735-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&16736-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&23019-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&23114-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69; KRTBCOOKIE_377=6810-55b3b496-f579-440a-904c-cb231f86d3bc&KRTB&22918-55b3b496-f579-440a-904c-cb231f86d3bc&KRTB&23031-55b3b496-f579-440a-904c-cb231f86d3bc; KRTBCOOKIE_336=5844-1518085779537032752; KRTBCOOKIE_391=22924-368486660504022358&KRTB&23263-368486660504022358; SPugT=1632589984; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=160783
expires
Mon, 27 Sep 2021 13:52:51 GMT
date
Sat, 25 Sep 2021 17:13:08 GMT
vary
Accept-Encoding
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632589988048.8003&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fdimpleleaf174&t=529&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.0055537690090443625
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:08 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632589988048.8003&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fdimpleleaf174&t=530&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.005987607898336522
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:08 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
t
t.lkqd.net/ Frame 7C7B 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
p
sb.scorecardresearch.com/ 		64 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=13052&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1632589988
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
IvfuA0Dy5ujxTATFVYde-2d1v4vwdDHWsSUjay44bpKkEnEN2Nw8VA==
PugMaster
image6.pubmatic.com/AdServer/ Frame 22C5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37397417&p=156498&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9a5e7d6e9ec052c67ffc31136753a0fbd285014f0277d5e46fd29a6cf628c50d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:07 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6E91 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 6E91 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 6E91 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 6E91
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4550115372334824880
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4550115372334824880
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 17:13:08 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4550115372334824880
pragma
no-cache
date
Sat, 25 Sep 2021 17:13:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tpid=YU9YpIvEk4ZlqQwmE-kNwgAA%261104
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 6E91 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YU9YpIvEk4ZlqQwmE-kNwgAA%261104?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.12.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-12-237.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.227
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame 6E91
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8996f02a-9307-4d1a-b164-45ffc2d8afe8
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8996f02a-9307-4d1a-b164-45ffc2d8afe8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 Sep 2021 17:13:08 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8996f02a-9307-4d1a-b164-45ffc2d8afe8
date
Sat, 25 Sep 2021 17:13:08 GMT
server
Apache-Coyote/1.1
content-length
0
ibs:dpid=23728&dpuuid=YU9YpIvEk4ZlqQwmE-kNwgAA%261104
dpm.demdex.net/ Frame 6E91 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YU9YpIvEk4ZlqQwmE-kNwgAA%261104?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.200.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookiesync
bttrack.com/pixel/ Frame 6E91 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:00 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
setuid
sync.quantumdex.io/ Frame 6E91 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YU9YpIvEk4ZlqQwmE_kNwgAABFAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6945e1a428a42c22-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame D7E7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011920606247319691
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011920606247319691
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011920606247319691
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=D99664AA-4F47-4114-BAAE-E70B620016F6; PUBMDCID=3; KRTBCOOKIE_57=22776-1866752352706313644; KRTBCOOKIE_153=19420-AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w&KRTB&22979-AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w; KRTBCOOKIE_27=16735-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&16736-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&23019-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&23114-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69; KRTBCOOKIE_377=6810-55b3b496-f579-440a-904c-cb231f86d3bc&KRTB&22918-55b3b496-f579-440a-904c-cb231f86d3bc&KRTB&23031-55b3b496-f579-440a-904c-cb231f86d3bc; KRTBCOOKIE_336=5844-1518085779537032752; KRTBCOOKIE_391=22924-368486660504022358&KRTB&23263-368486660504022358; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1632614400%3A174%7C1633737600%3A221_226_227_235_201_197_219; SyncRTB3=1633737600%3A54_161_8_7_56_81_220_13_21_55_3_71_22_166%7C1633824000%3A35%7C1633132800%3A223_15_2%7C1635120000%3A203%7C1633392000%3A63; SPugT=1632589987; KRTBCOOKIE_22=14911-4550115372334824880; PugT=1632589988
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:08 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7011920606247319691; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 17:13:08 GMT; path=/ PugT=1632589988; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 25-Oct-2021 17:13:08 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 24-Dec-2021 17:13:08 GMT; path=/
x-lat
lhrpug015:0:456
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 25 Sep 2021 17:13:08 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7011920606247319691; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7011920606247319691
redir
rtb-csync.smartadserver.com/ Frame C4BF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKVGdrN0NuckVBQURiUGxTSGJIZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJTgk7CnrEAADbPlSHbHg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJTgk7CnrEAADbPlSHbHg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Cookie
pbw=%24b%3d16890%3b%24o%3d11100; vs=259837=4593193; TestIfCookie=ok; TestIfCookieP=ok; sasd2=q=%24qc%3D1309657985%3B%24ql%3DHigh%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=1881784456&lo=-721590141&lt=637681939849221626&o=1; sasd=%24qc%3D1309657985%3B%24ql%3DHigh%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAJTgk7CnrEAADbPlSHbHg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
setuid
sync.quantumdex.io/ Frame 728B 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=D99664AA-4F47-4114-BAAE-E70B620016F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.57.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/setuid?bidder=pubmatic&uid=D99664AA-4F47-4114-BAAE-E70B620016F6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
uid=15c037f3-11a6-4dce-aac3-04f782ee5a2e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-type
image/gif
content-length
43
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6945e1a4691c2c22-FRA
Artemis
aud.pubmatic.com/AdServer/ Frame 22C5
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D99664AA-4F47-4114-BAAE-E70B620016F6&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D99664AA-4F47-4114-BAAE-E70B620016F6&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D99664AA-4F47-4114-BAAE-E70B620016F6&addseg=10,33,39
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D99664AA-4F47-4114-BAAE-E70B620016F6&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Sat, 25 Sep 2021 17:13:08 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D99664AA-4F47-4114-BAAE-E70B620016F6&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 22C5
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D99664AA-4F47-4114-BAAE-E70B620016F6&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D99664AA-4F47-4114-BAAE-E70B620016F6&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D99664AA-4F47-4114-BAAE-E70B620016F6&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:06 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:06 GMT
frontend-id
11
location
/pubmatic/1/info2?sType=sync&sExtCookieId=D99664AA-4F47-4114-BAAE-E70B620016F6&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 22C5 		95 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=D99664AA-4F47-4114-BAAE-E70B620016F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6945e1a4bdf45c2c-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 22C5
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D99664AA-4F47-4114-BAAE-E70B620016F6
  • https://a.audrte.com/p
68 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.248.174 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:09 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 22C5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D99664AA-4F47-4114-BAAE-E70B620016F6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.TnqWsVE2uUuBVBL6gPhyu_Mdlr_08I-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.TnqWsVE2uUuBVBL6gPhyu_Mdlr_08I-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.TnqWsVE2uUuBVBL6gPhyu_Mdlr_08I-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
D99664AA-4F47-4114-BAAE-E70B620016F6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 22C5 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D99664AA-4F47-4114-BAAE-E70B620016F6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 22C5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk443a738d-1ad1-422e-a79a-39b221135c2d&expires=7&user_group=5&ssp=pubmatic&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=89dc79c7-90a1-4ae7-969f-c85fa43b5b52&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=89dc79c7-90a1-4ae7-969f-c85fa43b5b52&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:475
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=89dc79c7-90a1-4ae7-969f-c85fa43b5b52&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 25 Sep 2021 17:13:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 22C5 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D99664AA-4F47-4114-BAAE-E70B620016F6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams01-usadmm.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 22C5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YU9YpAAAAma1QAA6&gdpr=0&gdpr_consent=&_test=YU9YpAAAAma1QAA6
1 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YU9YpAAAAma1QAA6&gdpr=0&gdpr_consent=&_test=YU9YpAAAAma1QAA6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:623
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632589989.644963,VS0,VE0
x-served-by
cache-hhn4075-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YU9YpAAAAma1QAA6&gdpr=0&gdpr_consent=&_test=YU9YpAAAAma1QAA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 22C5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4550115372334824880&gdpr=0&gdpr_consent=&us_privacy=
1 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4550115372334824880&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:494
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4550115372334824880&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 25 Sep 2021 17:13:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 22C5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:587
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 22C5
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e8166378-8448-4f2d-9281-67e6a837ec4e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e8166378-8448-4f2d-9281-67e6a837ec4e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:550
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e8166378-8448-4f2d-9281-67e6a837ec4e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
match
ads.betweendigital.com/ Frame 2C3E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Date
Sat, 25 Sep 2021 17:13:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
av
vidoomy-d.openx.net/v/1.0/ 		48 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=1570272622&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1742852659819523282653898561,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.3 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:08 GMT
content-encoding
gzip
server
OXGW/16.216.3
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=1312443584&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1742852659819523282947868803%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:08 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000416
X-SpotX-Timing-SpotMarket
0.009920
X-SpotX-Timing-Page-Mux
0.001012
X-SpotX-Timing-Page-Require
0.000504
X-fe
105
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
Content-Length
77
X-SpotX-Timing-Page
0.015381
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000406
Last-Modified
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009920
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.003091
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:08 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=978240434&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=978240434&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.hei...
249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=978240434&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=d37006ff-0c1f-4d6e-bb7b-a30d0e77164a&a.is_yahoo=3&redirect_y=dHM9MTYzMjU4OTk4ODY2MC42OTY3Nzc6dXVpZD0iNzAyNDI4MjEyODIwNzcyMTE1Ml9fVElNRV9fMjAyMS0wOS0yNSsxMCUzQTEzJTNBMDQiOmFwaWQ9VkFkODFlYjA1Zi0xZTIzLTExZWMtYTE0ZS0wMmI5MGMyN2IxZTU6cmVxdWVzdF9pZD1kMzcwMDZmZi0wYzFmLTRkNmUtYmI3Yi1hMzBkMGU3NzE2NGE=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.198.224 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=978240434&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=d37006ff-0c1f-4d6e-bb7b-a30d0e77164a&a.is_yahoo=3&redirect_y=dHM9MTYzMjU4OTk4ODY2MC42OTY3Nzc6dXVpZD0iNzAyNDI4MjEyODIwNzcyMTE1Ml9fVElNRV9fMjAyMS0wOS0yNSsxMCUzQTEzJTNBMDQiOmFwaWQ9VkFkODFlYjA1Zi0xZTIzLTExZWMtYTE0ZS0wMmI5MGMyN2IxZTU6cmVxdWVzdF9pZD1kMzcwMDZmZi0wYzFmLTRkNmUtYmI3Yi1hMzBkMGU3NzE2NGE=
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C14085431011742852659819523282,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
34dbae2f7118d38b7f42d2da246deeb9420ab48011e405895e3e955e94bda93b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632589988561049-416
Expires
Sat, 25 Sep 2021 17:13:08 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C19767281501742852659819523282,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
380434c67f43de9cc6c4e761829b5eded90ecad2d8bde9a893ba2bf029821ffb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632589988668000-368
Expires
Sat, 25 Sep 2021 17:13:08 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1742852659819523282462323965%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9de7e88cc8138dccce265887d1d0f32ccdf2cc000d7e159b1545f9fc8d26eb26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx
Cache-Control
max-age=0, no-cache, no-store
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cneonction
close
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1188
x-sticky-vk
1632589988632019-406
Expires
Sat, 25 Sep 2021 17:13:08 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C17428526598195232821518883893%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a7d39ee6e42a4b15f217892bd42b51b7085e37aef56196308451f25444161119

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:08 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1632589988656011-426
Expires
Sat, 25 Sep 2021 17:13:08 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=321486151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=321486151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.hei...
249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=321486151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=d894cbe4-d21c-4f2a-a72f-c3c578569c12&a.is_yahoo=3&redirect_y=dHM9MTYzMjU4OTk4NzkxOS40MTUyODM6dXVpZD0iNzAyNDI4MjEyODIwNzcyMTE1Ml9fVElNRV9fMjAyMS0wOS0yNSsxMCUzQTEzJTNBMDQiOmFwaWQ9VkFkODFlYjA1Zi0xZTIzLTExZWMtYTE0ZS0wMmI5MGMyN2IxZTU6cmVxdWVzdF9pZD1kODk0Y2JlNC1kMjFjLTRmMmEtYTcyZi1jM2M1Nzg1NjljMTI=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.198.224 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:09 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
1
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=321486151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fdimpleleaf174&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=d894cbe4-d21c-4f2a-a72f-c3c578569c12&a.is_yahoo=3&redirect_y=dHM9MTYzMjU4OTk4NzkxOS40MTUyODM6dXVpZD0iNzAyNDI4MjEyODIwNzcyMTE1Ml9fVElNRV9fMjAyMS0wOS0yNSsxMCUzQTEzJTNBMDQiOmFwaWQ9VkFkODFlYjA1Zi0xZTIzLTExZWMtYTE0ZS0wMmI5MGMyN2IxZTU6cmVxdWVzdF9pZD1kODk0Y2JlNC1kMjFjLTRmMmEtYTcyZi1jM2M1Nzg1NjljMTI=
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
/
sync.bumlam.com/ Frame 2C3E
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=dacaea4a-1e23-11ec-a6e9-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=dacaea4a-1e23-11ec-a6e9-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=hz3GvpdAk1NuoXGyK4k48g&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=hz3GvpdAk1NuoXGyK4k48g&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=hz3GvpdAk1NuoXGyK4k48g&extra2=aidata&google_error=15
  • https://sync.bumlam.com/?src=ggl&extra1=hz3GvpdAk1NuoXGyK4k48g&extra2=aidata&google_error=15
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=ggl&extra1=hz3GvpdAk1NuoXGyK4k48g&extra2=aidata&google_error=15
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.bumlam.com/?src=ggl&extra1=hz3GvpdAk1NuoXGyK4k48g&extra2=aidata&google_error=15
Date
Sat, 25 Sep 2021 17:13:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
usync.html
eus.rubiconproject.com/ Frame E9A3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=c37676ff-beca-530c-89de-a8a6e891f007&CACHEBUSTER=182228
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cache.betweendigital.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 25 Sep 2021 17:13:09 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Sat, 25 Sep 2021 17:13:09 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 7C7B 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 98B5 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame F5FB 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1632589986.dop205.fr8.t,1632589989.cds143.fr8.shn,1632589989.cds143.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116229
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame F5FB 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1632589989189
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:09 GMT
Last-Modified
Thu, 23 Sep 2021 12:45:27 GMT
ETag
"1632401127"
X-HW
1632589987.dop205.fr8.t,1632589989.cds055.fr8.shn,1632589989.cds055.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame F5FB 		0
0
generic
sync.ipredictive.com/d/sync/cookie/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdp...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YU9YpAAAAma1QAA6&gdpr=0&gdpr_consent=null
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=4550115372334824880
  • https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=06c0220407d4428ba6c6ea9a&gdpr=0&gdprConsent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=15&gdpr=0&gdpr_consent=&gdpr=0
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5599088&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame F5FB 		301 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fask.fm%2Fdimpleleaf174
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:09 GMT
Server
nginx
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1632589989048082-373
Expires
Sat, 25 Sep 2021 17:13:09 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame F5FB 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C54345%2C1%2C14085431011742852659819523282%2C%2C&vav=63322deee964463796903bb11dc28725&vaviv=f3dab8f44f6cde6e2ff0d4b4c4b64ce4&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.0.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fask.fm%2Fdimpleleaf174&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:09 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632589989220006-381
Expires
Sat, 25 Sep 2021 17:13:09 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:09 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NzRiZmI1OTNjNGE3Y2M2ZmI2ODg1NjU3NThlZDczYg==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632589989114061-417
Expires
Sat, 25 Sep 2021 17:13:09 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=74bfb593c4a7cc6fb688565758ed73b&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=74bfb593c4a7cc6fb688565758ed73b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:09 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AYYSX1WRVMX2CADHGP8W
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:09 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=74bfb593c4a7cc6fb688565758ed73b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1632589989117060-406
Expires
Sat, 25 Sep 2021 17:13:09 GMT
async_usersync
ib.adnxs.com/ Frame 5C81 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:09 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dff58c3f-253d-471f-b976-9148c9a8e662
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame E9A3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8151be9a0a1ffee7f424832cd1fae0be070493c007895b0e9d8478da1a1e6869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 17:13:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40731
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9354
Expires
Sun, 26 Sep 2021 04:32:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame E9A3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
async_usersync
ib.adnxs.com/ Frame 1038 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Sep 2021 17:13:09 GMT
X-Proxy-Origin
216.131.114.73; 216.131.114.73; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0ffc1b38-6b13-4611-8228-b453a7a0f176
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 7C7B 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
182228
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 2C3E
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/182228
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/182228
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/182228
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.226.130.227 -, , ASN (),
Reverse DNS
Software
ms-counter-3.2.12/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:09 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.12/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 25 Sep 2021 17:13:09 GMT
server
ms-counter-3.2.12/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/182228
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sat, 25 Sep 2021 17:13:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 7C7B 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.94 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 25 Sep 2021 17:13:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
1
sync-eu.connectad.io/pixel/ Frame 2C3E
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c37676ff-beca-530c-89de-a8a6e891f007&expires=60
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.8.174 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 17:13:09 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
6945e1aaab075be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//sync-eu.connectad.io/pixel/1?dataid=data3&uuid=89dc79c7-90a1-4ae7-969f-c85fa43b5b52
Date
Sat, 25 Sep 2021 17:13:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/usync/ Frame FFF2 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f3f0d732b0050e1fe8041a07f4420091
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5599088&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect boolean| originAgentCluster function| logError function| $ function| jQuery function| PerfectScrollbar object| Turbolinks function| Cursores object| Utils object| Events object| Browser object| Turbolinkz function| Actions object| Ajax object| Mutex function| Pages object| AjaxUI object| ScrollBar object| AnswerCard object| ProfileTabCounters object| ThreadCounters object| Pager object| Config object| Answers undefined| AskfmAd undefined| Atcomplete undefined| Autofocus object| Flash object| Uploads object| Avatar object| Background object| Form object| Button object| Captcha function| Recaptcha2onLoad object| Checkbox object| ConfirmDialog function| Log object| PositionFixedFocus object| FacebookSharing object| Lightbox object| Yandex object| TrackingGoals object| FormXHR object| Gdpr object| GoogleAnalytics undefined| HoverToActive object| LoginCheck object| MassAsk object| Media object| Notifications object| Offers undefined| Optad360 object| PhotoAnswer object| Photopoll object| PopupCallback object| Pymk object| Pyml object| Questions object| SecretAnswers undefined| ServiceWorkerRemoval object| Stream undefined| Tagcomplete object| Toggle object| Tracking undefined| Viads object| Viewport function| admiral object| googletag string| esSdk function| es function| ym function| 4dm1r11545242527 object| __es_sdk string| f object| Ya object| yaCounter48953915 function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn string| url function| firePixel function| loadVidPlayers object| lkqdSettings object| vpaidLoader object| lkqd object| mobile_blocked_mfs function| lkqd_http_response function| fbAsyncInit object| dataLayer object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| AdSlotCollection object| regeneratorRuntime object| pbjs325474 object| gaplugins object| gaGlobal object| gaData object| __oa360ScriptsState boolean| __isGoogleAllowed function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| sas object| apntag object| _ADAGIO function| AdPlayerPro object| DMVAST function| playerPro

182 Cookies

Domain/Path Name / Value
ask.fm/ Name: locale
Value: de
ask.fm/ Name: uuid
Value: f70b640c-d4b3-4314-885e-4324846407d7
ask.fm/ Name: country
Value: DE
.ask.fm/ Name: _ym_uid
Value: 1632589983784394973
.ask.fm/ Name: _ym_d
Value: 1632589983
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2224994575fake
.ask.fm/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4005287629fake
.yandex.com/ Name: yandexuid
Value: 6120598741632589983
.yandex.com/ Name: yuidss
Value: 6120598741632589983
mc.yandex.com/ Name: yabs-sid
Value: 304036781632589983
.yandex.com/ Name: i
Value: PX2ACNAX+SlcQBQVMC8D6QeV/x9FQPH9DJSRndLduJnldCBdc7sXfy78dauYnfEcbvlCDBzClHGnhSW3xgiay6OhaKU=
.yandex.com/ Name: ymex
Value: 1664125983.yrts.1632589983#1664125983.yrtsi.1632589983
.scorecardresearch.com/ Name: UID
Value: 1ZU0TKBLQWZHPANLTVSZ8Pg1632589984
.bidswitch.net/ Name: tuuid
Value: 89dc79c7-90a1-4ae7-969f-c85fa43b5b52
.bidswitch.net/ Name: c
Value: 1632589983
.bidswitch.net/ Name: tuuid_lu
Value: 1632589983
.ask.fm/ Name: _ym_visorc
Value: w
.sitescout.com/ Name: ssi
Value: f21d3a9e-a4a1-4873-84f6-b16245ceb721#1632589983549
.turn.com/ Name: uid
Value: 4550115372334824880
ads.stickyadstv.com/ Name: UID
Value: 74bfb593c4a7cc6fb688565758ed73b
ads.stickyadstv.com/ Name: sessionId
Value: cbd491e8ad63303cf5c5aae685ad953
.adsrvr.org/ Name: TDID
Value: 55b3b496-f579-440a-904c-cb231f86d3bc
.tapad.com/ Name: TapAd_TS
Value: 1632589983730
.tapad.com/ Name: TapAd_DID
Value: 25e22c99-6acc-4f03-a6c8-63e1754dbe1f
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003%22%7D
pool.admedo.com/ Name: tuuid
Value: 6344ec75-1c56-4788-8567-344c623af1d1
pool.admedo.com/ Name: c
Value: 1632589983
pool.admedo.com/ Name: tuuid_lu
Value: 1632589983
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6Ijg5ZGM3OWM3LTkwYTEtNGFlNy05NjlmLWM4NWZhNDNiNWI1MiIsImV4cGlyZXMiOjE2MzUxODE5ODN9LCJVTiI6eyJ1aWQiOiJSWC0wZWVhOWU1MS0yMmM2LTQxYjItYmJiZS0wZTFkZWY0NjE2ZTAtMDAzIiwiZXhwaXJlcyI6MTYzNTE4MTk4M319fQ==
.lkqd.net/ Name: sr59
Value: 1||1632589983
.lkqd.net/ Name: lkqdidts
Value: 1632589983
.lkqd.net/ Name: sr103
Value: 1||1632589983
.lkqd.net/ Name: sr99
Value: 1||1632589983
.lkqd.net/ Name: sr94
Value: 1|4478057778296896944|1632589983
.lkqd.net/ Name: lkqdid
Value: FdfmZyOpPOE
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzEwM7IwNDe0MBLiM9T1CPRM9SzzdA0vs_SU4jU0MzYytbC0tDAxMDQAAAy5HuY0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzEwM7IwNDe0MBLiM9T1CPRM9SzzdA0vs_QEACe2PfUlAAAA
c.deployads.com/ Name: d7s_dc
Value: 44NXSTCFdfmZyOpPOEi
.lkqd.net/ Name: sr85
Value: 1||1632589983
.adhaven.com/ Name: uid
Value: 4c_083d9508-1a0d-46dd-b5b7-6e402c26ca75
.bidr.io/ Name: bito
Value: AAJTgk7CnrEAADbPlSHbHg
.bidr.io/ Name: bitoIsSecure
Value: ok
.lkqd.net/ Name: sr90
Value: 1|4c_083d9508-1a0d-46dd-b5b7-6e402c26ca75|1632589984
.krushmedia.com/ Name: krm_r
Value: 57
.krushmedia.com/ Name: krm_usr
Value: 8128ae9c-5111-408d-9026-95df7974a732
event.clientgear.com/ Name: mkuuid
Value: mk443a738d-1ad1-422e-a79a-39b221135c2d
.lkqd.net/ Name: sr80
Value: 1|AAJTgk7CnrEAADbPlSHbHg|1632589984
.lkqd.net/ Name: sr102
Value: 1|8128ae9c-5111-408d-9026-95df7974a732|1632589984
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0235a6a7-47a9-4c34-69fd-880d0cfd1a81.Cs%2BvVdSufEydRNjkq0aXMDo5IUq977K3u5wWL5WbPMk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-0235a6a7-47a9-4c34-69fd-880d0cfd1a81%24ip%24216.131.114.73.UQfB0%2F8uWc0MnP7lD%2BGZFICwMr8S8RB14JL7aRlOEAM
.tribalfusion.com/ Name: ANON_ID
Value: aVnr6ipyXagbqiVREF6qfnhZc7Yt6G0M6CW4GN0Jd16rxQBWQ2myyW5WSjJS7DZbPYbfFW9ZaNf
.openx.net/ Name: i
Value: 60bf67b5-862f-0718-1d3f-9b2acaeff743|1632589984
.lkqd.net/ Name: sr93
Value: 1|AjWmp0epTDRp_YgNDP0agdiDckk|1632589984
.openx.net/ Name: v
Value: 1
.openx.net/ Name: pd
Value: v2|1632589984|gu
.spotxchange.com/ Name: audience
Value: d862a7af-1e23-11ec-b51f-1e588e900006
.ask.fm/ Name: _awl
Value: 2.1632589984.0.4-49e9ded7-8ec9b471fd7e9a557c1418b58e3c25c8-6763652d6575726f70652d7765737431-614f58a0-0
.ask.fm/ Name: _ga
Value: GA1.2.830168045.1632589985
.ask.fm/ Name: _gid
Value: GA1.2.697122398.1632589985
.ask.fm/ Name: _gat_UA-12308109-15
Value: 1
.advertising.com/ Name: APID
Value: VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
.adaptv.advertising.com/ Name: adaptv_unique_user_cookie
Value: "7024282128207721152__TIME__2021-09-25+10%3A13%3A04"
ask.fm/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.yahoo.com/ Name: APID
Value: VAd81eb05f-1e23-11ec-a14e-02b90c27b1e5
.yahoo.com/ Name: A3
Value: d=AQABBKBYT2ECEB_I6jvpGjcUaJc1G7XcpUsFEgEBAQGqUGFZYQAAAAAA_eMAAA&S=AQAAAq34mCr-4wrI4CahMyMZsxs
ask.fm/ Name: cto_bidid
Value: 5xC11V9iSlVMOTVFTEtQUDhtQ1JDMGd1SktoTk9xQ3NCd1JFVU83MldYc053S0U4YlpaVGdTWTQyTkJuZ0ZhR2RTdVZtYVJMS0RQcnFVSkM1dkhXbCUyRm9QRHFBJTNEJTNE
ask.fm/ Name: cto_bundle
Value: yGeSPF9za2lEWWdxclBORyUyQkJLaG5TbU0lMkZIRVU1TW03MFJBc09FNyUyQjd2eGdyaGY5QXVXWkhQejZSZHpvOGs0MDlUOCUyRmVocWMyNW82d2lDVHNVREpzUnhTeHJFS1A4dTRRZXJpc0hPZ2JCb3h4U09ZJTNE
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 259837=4593193
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1309657985%3B%24ql%3DHigh%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=1881784456&lo=-721590141&lt=637681939849221626&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1309657985%3B%24ql%3DHigh%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
.quantumdex.io/ Name: uid
Value: 15c037f3-11a6-4dce-aac3-04f782ee5a2e
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: c37676ff-beca-530c-89de-a8a6e891f007
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
prebid.a-mo.net/ Name: __amc
Value: 1_1632589985_1632589985
.a-mo.net/ Name: amuid2
Value: 7aad1080-f1f2-48c4-a69f-25c9683790df
.adnxs.com/ Name: uuid2
Value: 1866752352706313644
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D99664AA-4F47-4114-BAAE-E70B620016F6
.doubleclick.net/ Name: IDE
Value: AHWqTUmpmB-AuIUntUUgiTRDd9w9J4UfsbHI8I50h75Djs9Ri9UkmdgZGKkA7mYVU9k
.quantserve.com/ Name: d
Value: EM4BCwGqJPijAA
.quantserve.com/ Name: mc
Value: 614f58a1-98ff2-0b28b-737aa
.mathtag.com/ Name: uuid
Value: 21cd614f-58a1-4d00-a8ef-28ac81915f69
.simpli.fi/ Name: suid
Value: 47A5829E7E6946C5B7C405976CB6E826
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1866752352706313644
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w&KRTB&22979-AsyL5AHF3rMZxIfkUs-SslbPh-AZyoy1VZzZ-V_w
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&16736-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&23019-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69&KRTB&23114-uid:21cd614f-58a1-4d00-a8ef-28ac81915f69
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-55b3b496-f579-440a-904c-cb231f86d3bc&KRTB&22918-55b3b496-f579-440a-904c-cb231f86d3bc&KRTB&23031-55b3b496-f579-440a-904c-cb231f86d3bc
.de17a.com/ Name: guid2
Value: 1.1518085779537032752
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8284600391802137550
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1518085779537032752
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-368486660504022358&KRTB&23263-368486660504022358
.onaudience.com/ Name: cookie
Value: 346d20b87c2dc46f
.onaudience.com/ Name: done_redirects104
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: f3f0d732b0050e1fe8041a07f4420091
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDNOM0gxNzZKMjAwNUg1TEu1MDAxTDQwTzMxMTIwsDRkAIJE%2F4hFIBoKAELoCeE%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI9I9YBKSgAAAUeQGr"
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
ads.stickyadstv.com/ Name: pxId
Value: 7169
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.fwmrm.net/ Name: _uid
Value: "g015_7011920601942695000"
ads.stickyadstv.com/ Name: uid-bp-36033
Value: g015_7011920601942695000
ads.stickyadstv.com/ Name: MRM_UID
Value: g015_7011920601942695000
ads.stickyadstv.com/ Name: uid-bp-159
Value: RETRY
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwisye_YuJSAOhAFGAEgASgCMgsIyO_fmc-UgDoQBTgBWglzdGlja3lhZHNgAg..
ads.stickyadstv.com/ Name: uid-bp-892
Value: 55b3b496-f579-440a-904c-cb231f86d3bc
.adnxs.com/ Name: icu
Value: ChgI_t1aEAoYAiACKAIwo7G9igY4AkACSAIQo7G9igYYAQ..
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-olKPHKpE2oP_ql61nxOhdoVwxzJFMeIG4BPlcIji~A
ads.stickyadstv.com/ Name: uid-bp-951
Value: 1866752352706313644
ads.stickyadstv.com/ Name: uid-bp-529
Value: 21cd614f-58a1-4d00-a8ef-28ac81915f69
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAJTgk7CnrEAADbPlSHbHg
ads.stickyadstv.com/ Name: uid-bp-617
Value: 8284600391802137550
.w55c.net/ Name: wfivefivec
Value: UXhVP50d1MubeA5
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: UXhVP50d1MubeA5
.yahoo.com/ Name: APIDTS
Value: 1632589988
.casalemedia.com/ Name: CMID
Value: YU9YpIvEk4ZlqQwmE-kNwgAA
.casalemedia.com/ Name: CMPS
Value: 5225
.lijit.com/ Name: ljt_reader
Value: 3cb4b388af008b1e3c1679e3
.casalemedia.com/ Name: CMPRO
Value: 1104
.casalemedia.com/ Name: CMST
Value: YU9YpGFPWKQA
.connectad.io/ Name:
Value: cadsync
.prebid.a-mo.net/ Name: plur_sv2_0
Value: 1632589988
.prebid.a-mo.net/ Name: plur_sv2_pubmatic
Value: 1632589988
.prebid.a-mo.net/ Name: plur_sv2_verizon_video
Value: 1632589988
.prebid.a-mo.net/ Name: plur_sv2_2
Value: 1632589988
.prebid.a-mo.net/ Name: plur_sv2_3
Value: 1632589988
.sharethrough.com/ Name: stx_user_id
Value: 8d8899d3-ef1c-4916-ad6b-cf121f740e63
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0eea9e51-22c6-41b2-bbbe-0e1def4616e0-003%22%2C%22zdxidn%22%3A%222064%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D%22%7D
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.lkqd.net/ Name: sr55
Value: 1||1632589988
.id5-sync.com/ Name: id5
Value: 90ae2401-fe58-4175-8501-28b7348e2de0#1632589984741#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.adotmob.com/ Name: uid
Value: 06c0220407d4428ba6c6ea9a
.adotmob.com/ Name: uuid
Value: 06c0220407d4428ba6c6ea9a
.adotmob.com/ Name: partners
Value: IX%3A1632589988403
ask.fm/ Name: _m_ask_fm_session
Value: OG9jVGJSamJ5RHFOcmxEMHdlaEhDNmtncU9ieWhoc2FxWSs0UkpZNjZVei9EZmtuU2ZyUTVkM1B2b1g3ZjBiTThib3E5OGZsZWtNUHluSkF4YmVNR1MwTWU3ZTQwdWZSaC94NzFqS3drZ255NkRTcndDNFExRzJoVUEvckt5VjdVbDVvQ2JSdmk4WVZNKzNYVEpaMUZ6YnZCUzBaQ2piN25wcXQzVjIvT3MzSUJiQllYUE1GNGNuV014U2MzM0dTbmN0YXhaQW1DS0xSaVNuQTFFemd0MXltaXpvYUE3OXl0V1lqSG1Rb1krRzVCdXBUMXhkQkJobmpDVUxOWmRVSC0tekx1S3ZSMHc2YnRMVzQ2MHVIZ0M4dz09--8b17136651755a3cc6659823d27052829af8e5d4
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adsniper.ru/ Name: uuid3
Value: IiRkYWNhZWE0YS0xZTIzLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1632614400%3A174%7C1633737600%3A221_226_227_235_201_197_219
.pubmatic.com/ Name: SyncRTB3
Value: 1633737600%3A54_161_8_7_56_81_220_13_21_55_3_71_22_166%7C1633824000%3A35%7C1633132800%3A223_15_2%7C1635120000%3A203%7C1633392000%3A63
.bumlam.com/ Name: suuid3
Value: IiRkYWNhZWE0YS0xZTIzLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.adhigh.net/ Name: gi_u
Value: uM5CpJZ75d6m.AikABlF8HfJCpQ
.casalemedia.com/ Name: CMRUM3
Value: 0d614f58a4276006c0220407d4428ba6c6ea9a&c3614f58a405a00&c4614f58a405a0&2e614f58a405a0&dd614f58a42760&da614f58a42760&ce614f58a405a0&9c614f58a405a00&f1614f58a405a0&2d614f58a405a0&e6614f58a42760&03614f58a405a0&04614f58a427604550115372334824880&6f614f58a405a0&49614f58a405a0&27614f58a40b40
.analytics.yahoo.com/ Name: IDSYNC
Value: "17kh~20lt:194a~20lt:192w~20lt:192x~20lt:18z8~20lt"
ms.quantumdex.io/ Name: qdsp_uid
Value: 21b813cb-0f6f-4612-b7e1-03f8bde89cbd
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTYzMjU4OTk4ODU2MSwiNCI6MTYzMjU4OTk4MzU5NywiMzkiOjE2MzI1ODk5ODM1OTd9
.adfarm1.adition.com/ Name: UserID1
Value: 7011920606247319691
.pubmatic.com/ Name: SPugT
Value: 1632589987
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4550115372334824880
.pubmatic.com/ Name: PugT
Value: 1632589988
.adhigh.net/ Name: btw_sync
Value: IcE
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7011920606247319691
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-f21d3a9e-a4a1-4873-84f6-b16245ceb721-614f589f-5553
.zeotap.com/ Name: zc
Value: b105eca0-1d99-4ed2-692a-f2d81db3a820
.fiftyt.com/ Name: fifid
Value: fc263962-29fe-4e0c-7364-3d6d40717600
.fiftyt.com/ Name: cs
Value: MTYzMjU4OTk4OHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fElubeDG-A3wf6745CKfTKcou4nctxBXGNz5inPK-7eD
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: cd7a1744fc35e2d7
.adsby.bidtheatre.com/ Name: __kuid
Value: e8166378-8448-4f2d-9281-67e6a837ec4e.401803988
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YU9YpAAAAma1QAA6
.fiftyt.com/ Name: fppm
Value: 20210925171308
.semasio.net/ Name: SEUNCY
Value: B1F922306DCB1631
.adaptv.advertising.com/ Name: migrated2y
Value: "1"
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YU9YpAAAAma1QAA6&KRTB&23194-YU9YpAAAAma1QAA6&KRTB&23209-YU9YpAAAAma1QAA6&KRTB&23244-YU9YpAAAAma1QAA6
.betweendigital.com/ Name: ut
Value: YU9YpAAJx-hVYlmsiMcfq3PQOmZIca67UE6aQg==
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-89dc79c7-90a1-4ae7-969f-c85fa43b5b52
.lkqd.net/ Name: sr53
Value: 1|O9K7oVeklgg5|1632589988

10 Console Messages

Source Level URL
Text
network error URL: https://ask.fm/dimpleleaf174
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9407.1ej8TCR1I7ow3r-cB_U6dcPdadM5l7Ec1ipKSpeb7T6Te9IP53tbZ0Ds7RuMW6CR-q2LkeOJ6UdesJfjxHBoqQ%2C%2C.zsZIzaQCWTy1ipMUUoTlWUJgM90%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://ask.fm/dimpleleaf174
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fdimpleleaf174&cb=52711983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C63087268440557889392067577428,,') from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662308853187965
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ask.fm/dimpleleaf174
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ask.fm/dimpleleaf174
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://idsync.rlcdn.com/464986.gif?partner_uid=FdfmZyOpPOE
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a.vidoomy.com
acdn.adnxs.com
ad.lkqd.net
ad.turn.com
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adx.adform.net
aktrack.pubmatic.com
ap.lijit.com
ask.fm
aud.pubmatic.com
bcp.crwdcntrl.net
bh.contextweb.com
bidswitch-eu.splicky.com
bttrack.com
c.deployads.com
c1.adform.net
cache.betweendigital.com
cdn.connectad.io
cdn.jsdelivr.net
cdn.stickyadstv.com
cm.g.doubleclick.net
cmp.optad360.io
cms.quantserve.com
colossalcoat.com
connect.facebook.net
cs.krushmedia.com
cs.lkqd.net
d16vsmxl4d5tw1.cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d5p.de17a.com
dbq8hrmshvuto.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
esputnik.com
eus.rubiconproject.com
event.clientgear.com
get.optad360.io
gu.dyntrk.com
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
ms.quantumdex.io
mwzeom.zeotap.com
nep.advangelists.com
nxd.adhaven.com
onetag-sys.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.adhigh.net
rtb-csync.smartadserver.com
rtb.adentifi.com
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
serving.stat-rock.com
simage2.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.lkqd.net
token.rubiconproject.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
ads.stickyadstv.com
cm.g.doubleclick.net
onetag-sys.com
pixel.onaudience.com
sync-tm.everesttech.net
sync.ipredictive.com
104.109.78.125
104.16.86.20
104.18.12.5
104.18.15.161
104.22.25.87
104.22.55.206
104.22.57.126
13.248.242.197
135.125.160.160
142.250.184.200
142.250.184.226
142.250.184.238
143.204.101.165
143.204.101.224
143.204.101.57
143.204.98.119
143.204.98.125
143.204.98.6
143.204.98.82
146.20.128.78
146.20.132.69
146.20.132.94
147.75.38.124
151.101.2.49
151.139.128.11
151.236.71.82
159.65.197.210
169.50.137.190
172.253.120.154
172.67.8.174
178.162.133.149
178.250.0.157
178.250.0.163
18.158.198.224
18.194.4.47
184.31.84.150
185.183.112.148
185.29.134.248
185.64.189.114
185.64.189.229
185.64.190.75
185.64.190.78
185.64.190.80
185.86.137.133
185.86.138.32
185.94.180.124
192.132.33.46
193.0.160.128
193.138.77.144
193.232.148.141
194.226.130.227
198.148.27.140
2.18.232.130
2.18.233.180
2.18.234.21
2.18.234.233
2.19.35.65
205.185.216.10
212.82.100.176
213.155.156.182
213.19.147.44
3.123.90.134
3.126.56.137
3.128.15.210
3.129.250.65
3.213.248.174
31.13.92.14
31.13.92.36
31.172.81.160
31.172.81.172
34.107.184.81
34.246.212.58
34.254.143.3
34.98.64.218
35.158.223.21
35.159.45.88
35.171.36.131
35.201.96.126
35.201.96.133
35.210.53.219
35.227.248.159
35.244.174.68
37.157.2.239
37.157.6.252
37.252.173.215
37.252.173.27
46.228.164.11
47.252.78.131
49.12.13.182
51.89.42.88
51.89.9.254
52.17.150.98
52.18.12.237
52.19.174.220
52.205.151.180
52.30.200.197
52.46.154.242
54.209.16.83
54.93.133.131
63.215.202.137
63.33.134.133
66.155.71.25
69.173.144.165
72.251.249.13
77.243.60.138
77.88.21.119
8.2.110.134
85.114.159.93
89.108.119.43
91.228.74.133
95.217.114.174
96.46.186.57
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
06483660f222ef21090d6268205b0e1722a78ddf48b44178a596cdd1e3db058f
07937a6c164e07a866ffebb0075c63cd59abaf51d7d7ec8288e989bcaa92e4ad
07f075bf5d549cbb4e0e14658ebdabe82db4a027f5a2d349581d7f00f77e7ef1
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0a6a088ce88b703a49e8fb5f0d3096ce6f66491080477080d17f9727f9394268
0a76103406e7e58113441df8f2771a0f85544abb8f4abbf2ada5639b7326b659
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0df33bbf056c61ab7c3c2d0bbfe612a27d73899ff4e9379a65592d3894209531
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f3c8534fa774caffa3cb82d97cc822c03a1a9f1cf5ff33b42dbaec87e5485d
126f70bb2559a1cc9e0ba41830e7d5e4e84abb8789409cfa6d89bf5020fd7655
183f6540981cc2cff9cef46b0b44c71f7c99156a7840de786f453c220dc6890a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1accd948bfc40e8ec6a71d60ae55686814df618a225d665d892e2d5c459e4869
1c6d933e229c0d6b58c2198cafb0fd0e669a4f30a97876df6a251bd6ea3be5ba
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
26de30b34acac82a854c76a16e83cdc62cc9ee830353b33c6a0a7e0a6af3afb3
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4f605742ba56e6a2bbaab92fb08a0532d7d690dcfa9770b225fa4ac4b65a5c
2d917facccaa2e9b926dc0e03d9cd5fb9799a38616b1fd921c249049215b1b41
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb26debd1b0dc2ad4470e5ce5d13cf32333cc653b2c6ebcdfb707af465f52fb
318bb84d6256390bea784862600a5e1d1f432d627c550edc599eeb46641d6e0d
34dbae2f7118d38b7f42d2da246deeb9420ab48011e405895e3e955e94bda93b
3577c44d0ec4a3f5bb93919343bf66936d9471d28a9dd11c333615f9f3408a50
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
380434c67f43de9cc6c4e761829b5eded90ecad2d8bde9a893ba2bf029821ffb
3b952b3f1e0a77611474b4d168a3ba3c72b4be7ad57a071f8ef5061b2eab7ad3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445d4a7744f802bf1d563fe6e8be791375da23d50a6e69815fbe54f22b0320de
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
473f9af2c2b3673ff53946714c6fa377298cdfd1b440b76f672d54c47653b9ef
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a230fb87b8553133ee7a3bf10d8c6b5ad62ec9b03332c93a705eed2d557a50d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50b369f49129738f9a30ccc0362c956ce4667f1f00460b6233b8a2fbcde3a1f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
58327b25b09d7009b99da85bdc1852039781d9ca7c94358309083bb4c53900d1
6115ecfeca892ffef4dab2e54d40f4d840c008b65d43ef257a0184f9a4573e38
63b3a2f91e35bbb0b0d27dcf4c99fbc09e87ff92e52545c68a8b84d0c549301d
641ea53674cdccf36fc3f7a90a5756ba9ade81aa05f73f6544682e090176cd55
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
677dbd144709b39776555be63083a7789315b41255335fc423014eedc26c04d8
68bbd771eecb76f98639a65674facba6df78abad6550a712aff0d30fefe11c71
68e680e7fc29162479ceea99fd8ec1b384d534593b9ec4dc6c1101543dcc7e64
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7b52ca49948dd8e72f792b1d2e6576bef0a7eae1ee8d9ce09707cbadc24563e5
7cb7054f41df4688162c9d762db001850e8b66dc54666797e197478f6d9887bb
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8151be9a0a1ffee7f424832cd1fae0be070493c007895b0e9d8478da1a1e6869
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
87f061a51a572a2acf5fae1148e6f4cd90a06860c751d1c2615041481f431ac8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d766a9a8cba29e030ed823e1cb7797fe855542c31cfa6e8786738cc4ee9172c
8dce90c8d06a68d557afc87d1783527292438bda3950121393107dcb663dae07
8f6b753276fb19689d62bc8faa080e61d670c5be241c973bf261f8825821d584
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
922c64eafab3446ab36a749ac1e93e8dcbd637161988107a58cab903ab752c3e
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99cb29b730d22aa7c59a9fbfbe46c8d187f8319a852e4dbfcc04bd89a0cd43d0
9a5e7d6e9ec052c67ffc31136753a0fbd285014f0277d5e46fd29a6cf628c50d
9de7e88cc8138dccce265887d1d0f32ccdf2cc000d7e159b1545f9fc8d26eb26
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4fee7a4e35dc68ef0339d5962e1af8cc483c2fdea70def97fb97a6cc075b5f3
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282
a7d39ee6e42a4b15f217892bd42b51b7085e37aef56196308451f25444161119
a93424c9abbb8dfbf54ab7ac46a0e4233a11f53e2b0a5fcea0264abc13e7aca8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac243b23762e4a07032d021b32c1c8b457ffe8f3974bead1ae294ea15898291e
b10616760c90d4e265f25a7f3ff89851887f0ae4d91e11071a940788b151ef08
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b227f56a43511b6e86555660ea43ab1a46930545071c2e333f0465759ce63074
b477b579664c48d0b2e4446db03763a18ab4c22ff01a0a4eeea5049f7ac94900
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b7639da768591a740c6b58bc9ddcc9631a1590a3fed56e061969897364096130
b85deb1925e6bcf2ef7d26b0c9623f4079317315c7c17a6042473813b1b35663
bb5fc650e66e1c93747a1c71b5d8328f780f3d0ba93eb7faff49eeb1c1d9b542
bc48ed93567fdd17b88530b500a6e8f04fc3060039be1f962c399e15c75c990c
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
becd7b0a899d583d345d3fd5c18927fe52f330e586cc55379e8c16832726cc2c
c142157c7fc3dc229fe700ecc5e9f3d581724d87bc3a95cdda2caef457199b8f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29bd940605257a5f5e6b8384831bb5affd018a2ec1665e10a687ad51c5669fa
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2a37cdee3d1b34383ebc36078ea081f079ece3180bdfb149706961a93ed88
d508bc23e69e65b2773b660dc0c1664f0e08097c2375af9a6b80ffe05fa296a2
d730a56c524dd0fcc585ee044ff1e9263faab484c62d326aceb4e379fc781457
d7d631acec0e103fd3b9eeb25251cbf8a0a34a46042355426e2574333f2ebe6d
d82666f848091c41f833bd9697431fec9583909027d27f5d69306654db1461d4
d9bca32135f63f5e09efbeb495dfc732532423f195c5a3983dc4d044c51b1f02
dc74086fac0cf6f439243db9950cc8f1404a1b70e7722af16075864b1592db77
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72e1f546abddf9871f231c92d6ed1d1ae30b67e2e86f18af763ee2f791c7434
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f3555f5b3c03b8c7f12bf4d9415a72f99adbd5b58fc4130c3c5fc2a434be6e3a
f35eb63af5172e2882f9880d0668b3517869ae1dcf15cec3b5b4ebd506ffb544
f5c8a792a541db5340839cc1cedbe0a3c90b6779fb4c7b38093103bf14a445c1
f5fd425fc2c941865be5b770d6a6ab2bd4bb2e41d2988104447132e7aa678a62
f81547002f4fd33e9755a9f6f2adff853fad8d331d995e9ab268744baa7c4f16
f8ea138521526c7cce3a5014c2198678efe300eef2415583a8768bedbde1dd0e
f926c5bfc9bf3d9c9b00bc3b47d67b5d00f06326f6c47ec3e11a3235d5e5e17c
fc35b6a76bb702a8e0aa388cf7382965c14420dbe7399dbddab0941b33c4eb82
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe944f0c391a7973c3f4e1a999ff5d5f7bc2a85dc97c5ef9598073ca4e4449f9