urlscan.io logo urlscan.io
SecurityTrails logo

ask.fm Open in urlscan Pro
193.138.77.147  Public Scan

Go To Rescan Add Verdict Report
URL: https://ask.fm/joinsleet68438
Submission: On May 22 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 12 countries across 59 domains to perform 287 HTTP transactions. The main IP is 193.138.77.147, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 30th 2020. Valid for: a year.
This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 193.138.77.147 395754 (ASK-FM)
10 2600:9000:218... 16509 (AMAZON-02)
6 29 2a02:6b8::1:119 13238 (YANDEX)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2600:9000:21f... 16509 (AMAZON-02)
4 23.111.211.20 7979 (SERVERS-COM)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 173.237.60.36 7979 (SERVERS-COM)
17 23.111.115.244 7979 (SERVERS-COM)
2 23.111.115.172 7979 (SERVERS-COM)
3 2a04:4e42:3::621 54113 (FASTLY)
2 23.111.115.236 7979 (SERVERS-COM)
2 176.99.5.169 49352 (LOGOL-AS)
4 195.209.108.46 52007 (ADRIVER-AS)
37 35.186.238.232 15169 (GOOGLE)
12 92.38.138.76 199524 (GCORE)
1 2 185.15.175.159 43226 (SAFEDATA ...)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2a02:6b8::90 13238 (YANDEX)
1 6 168.119.149.178 24940 (HETZNER-AS)
1 3 185.86.137.114 201081 (SMARTADSE...)
2 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42::621 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2.18.234.233 16625 (AKAMAI-AS)
5 37.157.4.25 198622 (ADFORM)
2 2 52.49.40.147 16509 (AMAZON-02)
4 8 37.252.173.62 29990 (ASN-APPNEX)
2 6 34.98.64.218 15169 (GOOGLE)
2 185.86.139.58 201081 (SMARTADSE...)
2 185.64.189.112 62713 (AS-PUBMATIC)
3 2a02:6b8:20::215 13238 (YANDEX)
2 92.223.103.253 199524 (GCORE)
2 92.223.103.107 199524 (GCORE)
2 83.229.25.63 199524 (GCORE)
2 92.223.103.191 199524 (GCORE)
2 11 167.233.6.13 24940 (HETZNER-AS)
10 205.185.216.10 20446 (HIGHWINDS3)
2 92.223.106.11 199524 (GCORE)
2 178.63.30.201 24940 (HETZNER-AS)
2 2 34.246.243.212 16509 (AMAZON-02)
4 52.209.54.187 16509 (AMAZON-02)
8 2a00:1148:db0... 47764 (MAILRU-AS...)
2 83.222.14.222 25532 (MASTERHOS...)
2 2600:9000:20e... 16509 (AMAZON-02)
2 2a00:1148:db0... 47764 (MAILRU-AS...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
6 78.140.185.32 35415 (WEBZILLA)
2 178.250.2.146 44788 (ASN-CRITE...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 51.89.9.252 16276 (OVH)
1 23.37.38.181 16625 (AKAMAI-AS)
1 136.144.59.88 54825 (PACKET)
2 10 2.18.234.21 16625 (AKAMAI-AS)
1 2.18.232.130 16625 (AKAMAI-AS)
2 3 13.248.242.197 16509 (AMAZON-02)
7 7 142.250.186.162 15169 (GOOGLE)
1 2 52.46.130.13 16509 (AMAZON-02)
1 1 185.183.112.155 60350 (VP)
2 2 151.101.114.49 54113 (FASTLY)
1 1 2001:678:cb4:... 56396 (TURN)
1 54.72.89.232 16509 (AMAZON-02)
1 52.29.9.114 16509 (AMAZON-02)
1 168.119.145.245 24940 (HETZNER-AS)
1 185.94.180.124 35220 (SPOTX-AMS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 185.33.220.243 29990 (ASN-APPNEX)
5 2.18.233.180 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 4 37.157.3.30 198622 (ADFORM)
2 2 213.155.156.169 1299 (TELIANET ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 185.29.133.58 30419 (MEDIAMATH...)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 159.253.128.188 36351 (SOFTLAYER)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 185.64.190.75 62713 (AS-PUBMATIC)
1 184.30.20.198 16625 (AKAMAI-AS)
287 77
4    193.138.77.147 (Latvia)

ASN395754 (ASK-FM, US)
ask.fm
10    2600:9000:218e:a200:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)
d3r6ceqp4shltl.cloudfront.net
29    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:21f3:4000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:21f3:fe00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
4    23.111.211.20 (Russian Federation)

ASN7979 (SERVERS-COM, US)
viadata.store
pl.viadata.store
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    173.237.60.36 (United States)

ASN7979 (SERVERS-COM, US)
uscdn.viadata.store
17    23.111.115.244 (Russian Federation)

ASN7979 (SERVERS-COM, US)
logs.viadata.store
2    23.111.115.172 (Russian Federation)

ASN7979 (SERVERS-COM, US)
cdn.viadata.store
3    2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    23.111.115.236 (Russian Federation)

ASN7979 (SERVERS-COM, US)
rtb-msk-2.viadata.store
2    176.99.5.169 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d41257.acod.regrucolo.ru
vtg1.rktch.com
4    195.209.108.46 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
37    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
12    92.38.138.76 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f9.moevideo.net
moevideo.biz
2    185.15.175.159 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
4    2a02:26f0:6c00::210:ba28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.viralize.tv
5    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
6    168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de
sync.richaudience.com
3    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
2    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a04:4e42::621 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
adx.adform.net
2    52.49.40.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
8    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
viralize-d.openx.net
2    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
2    92.223.103.253 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
playreplay.me
2    92.223.103.107 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f45.moevideo.net
thesame.tv
2    83.229.25.63 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
cs-0.moevideo.biz
2    92.223.103.191 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f31.moevideo.net
playreplay.net
11    167.233.6.13 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
video-library.showheroes.com
sync.showheroes.com
receiver-hetzner.showheroes.com
10    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
static.showheroes.com
2    92.223.106.11 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
moe.video
2    178.63.30.201 (Germany)

ASN24940 (HETZNER-AS, DE)
arv2.showheroes.com
2    34.246.243.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dyn.emetriq.de
4    52.209.54.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-54-187.eu-west-1.compute.amazonaws.com
ups.xplosion.de
8    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
2    83.222.14.222 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)
content.adriver.ru
2    2600:9000:20eb:4400:e:29d5:db00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.xplosion.de
2    2a00:1148:db00::28 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
r.mradx.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    78.140.185.32 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro
serving.stat-rock.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
3    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
10    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
7    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    54.72.89.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
1    52.29.9.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
1    168.119.145.245 (Germany)

ASN24940 (HETZNER-AS, DE)
s.richaudience.com
1    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sascdn.com
1    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.169 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
1    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
Apex Domain
Subdomains		 Transfer
41 viralize.tv
ads.viralize.tv
static.viralize.tv
407 KB
26 viadata.store
viadata.store
uscdn.viadata.store
logs.viadata.store
cdn.viadata.store
pl.viadata.store
rtb-msk-2.viadata.store
197 KB
25 yandex.com
mc.yandex.com
5 KB
23 showheroes.com
video-library.showheroes.com
static.showheroes.com
arv2.showheroes.com
sync.showheroes.com
receiver-hetzner.showheroes.com
510 KB
18 pubmatic.com
hbopenbid.pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com Failed
78 KB
14 moevideo.biz
moevideo.biz
cs-0.moevideo.biz
390 KB
10 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
32 KB
10 cloudfront.net
d3r6ceqp4shltl.cloudfront.net
237 KB
9 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
9 KB
9 adform.net
track.adform.net
adx.adform.net
c1.adform.net
4 KB
9 yandex.ru
mc.yandex.ru
an.yandex.ru
146 KB
8 mail.ru
ad.mail.ru
3 KB
8 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
1 KB
7 richaudience.com
sync.richaudience.com
s.richaudience.com
3 KB
6 stat-rock.com
serving.stat-rock.com
96 KB
6 xplosion.de
ups.xplosion.de
cdn.xplosion.de
10 KB
6 openx.net
viralize-d.openx.net
2 KB
6 adriver.ru
ad.adriver.ru
content.adriver.ru
33 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
5 smartadserver.com
www8.smartadserver.com
prg.smartadserver.com
3 KB
4 googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
296 KB
4 google-analytics.com
www.google-analytics.com
58 KB
4 ask.fm
ask.fm
22 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 onetag-sys.com
onetag-sys.com
4 KB
3 connectad.io
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
1 KB
3 yastatic.net
yastatic.net
135 KB
3 polyfill.io
polyfill.io
823 B
3 jsdelivr.net
cdn.jsdelivr.net
3 KB
3 optad360.io
cmp.optad360.io
get.optad360.io
532 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 de17a.com
d5p.de17a.com
634 B
2 everesttech.net
sync-tm.everesttech.net
644 B
2 amazon-adsystem.com
s.amazon-adsystem.com
961 B
2 indexww.com
js-sec.indexww.com
2 KB
2 mradx.net
r.mradx.net
78 KB
2 emetriq.de
dyn.emetriq.de
459 B
2 moe.video
moe.video
14 KB
2 playreplay.net
playreplay.net
664 B
2 thesame.tv
thesame.tv
664 B
2 playreplay.me
playreplay.me
664 B
2 bidr.io
match.prod.bidr.io
1 KB
2 stickyadstv.com
ads.stickyadstv.com
1 KB
2 ravenjs.com
cdn.ravenjs.com
19 KB
2 digitaltarget.ru
dmg.digitaltarget.ru
1 KB
2 rktch.com
vtg1.rktch.com
834 B
2 facebook.net
connect.facebook.net
66 KB
1 yahoo.com
pr-bh.ybp.yahoo.com
839 B
1 simpli.fi
um.simpli.fi
611 B
1 sascdn.com
creatives.sascdn.com
378 B
1 spotxchange.com
search.spotxchange.com
1 KB
1 360yield.com
ice.360yield.com
437 B
1 demdex.net
dpm.demdex.net
1 turn.com
ad.turn.com
425 B
1 adotmob.com
sync.adotmob.com
689 B
1 a-mo.net
prebid.a-mo.net
360 B
1 facebook.com
www.facebook.com
297 B
1 googletagmanager.com
www.googletagmanager.com
32 KB
0 exelator.com Failed
loada.exelator.com Failed
287 59
Domain Requested by
37 ads.viralize.tv ask.fm
static.viralize.tv
cdn.ravenjs.com
25 mc.yandex.com 4 redirects ask.fm
mc.yandex.ru
17 logs.viadata.store
12 moevideo.biz ask.fm
moevideo.biz
10 static.showheroes.com static.viralize.tv
static.showheroes.com
10 d3r6ceqp4shltl.cloudfront.net ask.fm
d3r6ceqp4shltl.cloudfront.net
8 ad.mail.ru moevideo.biz
r.mradx.net
8 ib.adnxs.com 4 redirects get.optad360.io
acdn.adnxs.com
7 cm.g.doubleclick.net 7 redirects
6 serving.stat-rock.com get.optad360.io
6 viralize-d.openx.net 2 redirects cdn.ravenjs.com
6 sync.richaudience.com 1 redirects ask.fm
sync.richaudience.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 an.yandex.ru ask.fm
an.yandex.ru
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 adx.adform.net static.showheroes.com
get.optad360.io
cdn.ravenjs.com
4 ups.xplosion.de ask.fm
cdn.xplosion.de
4 sync.showheroes.com 2 redirects ask.fm
4 video-library.showheroes.com cdn.ravenjs.com
static.showheroes.com
4 static.viralize.tv ask.fm
static.viralize.tv
4 ad.adriver.ru ask.fm
content.adriver.ru
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
moevideo.biz
4 mc.yandex.ru 2 redirects d3r6ceqp4shltl.cloudfront.net
4 ask.fm d3r6ceqp4shltl.cloudfront.net
serving.stat-rock.com
3 simage2.pubmatic.com ads.pubmatic.com
3 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
3 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 onetag-sys.com get.optad360.io
3 receiver-hetzner.showheroes.com ask.fm
3 yastatic.net an.yandex.ru
3 polyfill.io static.viralize.tv
ask.fm
3 www8.smartadserver.com 1 redirects ask.fm
3 cdn.jsdelivr.net get.optad360.io
static.showheroes.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 vpaid.pubmatic.com cdn.ravenjs.com
static.viralize.tv
2 sync-tm.everesttech.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 js-sec.indexww.com get.optad360.io
ssum-sec.casalemedia.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 r.mradx.net ad.mail.ru
2 cdn.xplosion.de dyn.emetriq.de
2 content.adriver.ru moevideo.biz
2 dyn.emetriq.de 2 redirects
2 arv2.showheroes.com video-library.showheroes.com
2 moe.video moevideo.biz
2 playreplay.net moevideo.biz
2 cs-0.moevideo.biz moevideo.biz
2 thesame.tv moevideo.biz
2 playreplay.me moevideo.biz
2 hbopenbid.pubmatic.com cdn.ravenjs.com
2 prg.smartadserver.com cdn.ravenjs.com
2 match.prod.bidr.io 2 redirects
2 ads.stickyadstv.com cdn.ravenjs.com
2 imasdk.googleapis.com static.viralize.tv
2 ajax.googleapis.com static.viralize.tv
2 cdn.ravenjs.com static.viralize.tv
2 dmg.digitaltarget.ru 1 redirects
2 vtg1.rktch.com ask.fm
2 rtb-msk-2.viadata.store ask.fm
2 pl.viadata.store ask.fm
2 cdn.viadata.store ask.fm
2 viadata.store d3r6ceqp4shltl.cloudfront.net
ask.fm
2 get.optad360.io d3r6ceqp4shltl.cloudfront.net
get.optad360.io
2 connect.facebook.net d3r6ceqp4shltl.cloudfront.net
connect.facebook.net
1 aktrack.pubmatic.com
1 vid.pubmatic.com vpaid.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 secure.adnxs.com cdn.ravenjs.com
1 creatives.sascdn.com
1 search.spotxchange.com cdn.ravenjs.com
1 s.richaudience.com cdn.ravenjs.com
1 ice.360yield.com cdn.ravenjs.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 sync.adotmob.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io get.optad360.io
1 acdn.adnxs.com get.optad360.io
1 prebid.a-mo.net get.optad360.io
1 htlb.casalemedia.com get.optad360.io
1 i.connectad.io get.optad360.io
1 track.adform.net sync.richaudience.com
1 uscdn.viadata.store ask.fm
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com
1 cmp.optad360.io d3r6ceqp4shltl.cloudfront.net
1 www.googletagmanager.com d3r6ceqp4shltl.cloudfront.net
0 loada.exelator.com Failed ads.pubmatic.com
287 96

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
lap78.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com
Subject Issuer Validity Valid
*.ask.fm
AlphaSSL CA - SHA256 - G2		 2020-07-30 -
2021-09-27		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
*.viadata.store
Sectigo RSA Domain Validation Secure Server CA		 2020-11-17 -
2021-11-27		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-18 -
2022-03-26		 10 months crt.sh
vtg1.rktch.com
R3		 2021-05-20 -
2021-08-18		 3 months crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2019-10-21 -
2021-11-18		 2 years crt.sh
*.moevideo.biz
AlphaSSL CA - SHA256 - G2		 2021-04-27 -
2022-05-29		 a year crt.sh
dmg.digitaltarget.ru
R3		 2021-03-24 -
2021-06-22		 3 months crt.sh
cdn.viralize.tv
R3		 2021-03-24 -
2021-06-22		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2020-12-17 -
2021-06-17		 6 months crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.yastatic.net
Yandex CA		 2021-03-03 -
2021-09-01		 6 months crt.sh
*.playreplay.me
AlphaSSL CA - SHA256 - G2		 2021-02-11 -
2022-03-15		 a year crt.sh
*.thesame.tv
AlphaSSL CA - SHA256 - G2		 2020-07-02 -
2021-07-03		 a year crt.sh
*.playreplay.net
AlphaSSL CA - SHA256 - G2		 2020-10-01 -
2021-11-02		 a year crt.sh
*.showheroes.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-06-16		 a year crt.sh
*.moe.video
AlphaSSL CA - SHA256 - G2		 2021-01-15 -
2022-02-16		 a year crt.sh
*.xplosion.de
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.mradx.net
GeoTrust RSA CA 2018		 2019-07-17 -
2021-08-15		 2 years crt.sh
serving.stat-rock.com
R3		 2021-04-18 -
2021-07-17		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.a-mo.net
R3		 2021-05-11 -
2021-08-09		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh

This page contains 30 frames:

Primary Page: https://ask.fm/joinsleet68438
Frame ID: 6117E96EC038D4B4E525A9096E90C600
Requests: 89 HTTP requests in this frame

Frame: https://cdn.viadata.store/js/player/210323.js
Frame ID: DAB9382F93CE68A55F05235D234BCA59
Requests: 30 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Frame ID: 88B9A5A8558E1F6E0CCCB5D1FBA835DE
Requests: 2 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Frame ID: 56B99AE2FC41C560FC776E7D48F2F2F0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 6665DC33452C06332CA9DC34C735F990
Requests: 50 HTTP requests in this frame

Frame: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Frame ID: 22377B9E8EB22AEF359905E93790B1F8
Requests: 17 HTTP requests in this frame

Frame: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
Frame ID: 79465BD30B3F08E76613639F74C5162F
Requests: 5 HTTP requests in this frame

Frame: https://static.showheroes.com/vpaid-shplayer.js
Frame ID: 487DDCD33BE0FEEA941227111F9A05BA
Requests: 1 HTTP requests in this frame

Frame: https://static.showheroes.com/publishertag.js
Frame ID: D7A9624673F828343878C5B2D3CA024F
Requests: 6 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 1EEFE1FAE4B142B423215828B2A22265
Requests: 1 HTTP requests in this frame

Frame: https://video-library.showheroes.com/spot/iframe?pageurl=https%3A%2F%2Fask.fm&player=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&player_type=publisher&debug=0&spsize=0x0&vpaid=1&footer=0&cmacros=%7B%22rpageurl%22%3A%22https%3A%2F%2Fask.fm%22%2C%22gdpr_applies%22%3A%221%22%2C%22user_consent_string%22%3A%22BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA%22%7D&native=true&consentData=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdprApplies=1
Frame ID: B1EAC514F3E61AFFC9DAE734D1292811
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F9E40CACA91068ED354BF8920B84A222
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1BAE61B8000027FA039FF6213A6503A4
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: B11AA0960A0C8D230EF245220CA4DCD4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1621655096652
Frame ID: AA2524E738F0BCB5E97FF1DFB0EDB6FA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 84F6D8CA10E4BB17E8736FF591D8255B
Requests: 10 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: B074F36902A035AE2B5AE973BFBEEDCD
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094
Frame ID: DA8F05F234292E2C9F00648D26A87A4D
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B435C4CDB388E711261755F94925628B
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0EDF2059-C159-48CF-B531-C28544A48CAF
Frame ID: 295A57183D4E863E0C9C7C1A997B26FB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629191319307479954
Frame ID: 4B124379CE600F4FC86EE6B4C315CDB2
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: CA0D471FF956E4EE07BAABEF08D7BE77
Requests: 1 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Frame ID: 6CE38BA0FE32E7E89299204884A97D28
Requests: 2 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Frame ID: 26FA9F770085DDCFDDE5AED82F357174
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: B6F11575E847BFD00451B64C9F59A2A5
Requests: 16 HTTP requests in this frame

Frame: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Frame ID: E67B65757A5C8E2F1125ED5A114453C3
Requests: 17 HTTP requests in this frame

Frame: https://static.showheroes.com/vpaid-shplayer.js
Frame ID: D44A62BD28249A6C1864C3B793959C5D
Requests: 1 HTTP requests in this frame

Frame: https://static.showheroes.com/publishertag.js
Frame ID: 7FAA73509948EE83798902B1D55AB296
Requests: 6 HTTP requests in this frame

Frame: https://video-library.showheroes.com/spot/iframe?pageurl=https%3A%2F%2Fask.fm&player=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&player_type=publisher&debug=0&spsize=0x0&vpaid=1&footer=0&cmacros=%7B%22rpageurl%22%3A%22https%3A%2F%2Fask.fm%22%2C%22gdpr_applies%22%3A%221%22%2C%22user_consent_string%22%3A%22BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA%22%7D&native=true&consentData=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdprApplies=1
Frame ID: 1A50EF766F7E882B71FF049E3DE064C5
Requests: 7 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: A6299D30E2EAAD3B729BA3EA16D1058B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

287
Requests

99 %
HTTPS

30 %
IPv6

59
Domains

96
Subdomains

77
IPs

12
Countries

3424 kB
Transfer

9811 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.SC7kil_FI2ShBsJSE9Jc0DNLPeMOb45S690ewCz3ODmcvqZEO5voDZy5IKjAMILr.HjpMDF2QGG-4mwp7rApHPmFYxYE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.Y1WShN8WTv2dCy6FhL5lOvz1mLgzw8i4SThME9HNfzAzHf02j0yaYo8czajmvGQUuq84xtGewPGybONlEZASWw%2C%2C.k4I8xH6oEtQ6aud9WzQ1eEB0eQI%2C
Request Chain 15
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1249609047383%3Ahid%3A816800526%3Az%3A120%3Ai%3A20210522054453%3Aet%3A1621655093%3Ac%3A1%3Arn%3A1898372%3Au%3A1621655093990692247%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621655092436%3Ads%3A1%2C292%2C188%2C1%2C0%2C0%2C%2C139%2C96%2C%2C%2C%2C624%3Adsn%3A1%2C293%2C187%2C1%2C0%2C0%2C%2C142%2C95%2C%2C%2C%2C625%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621655093%3At%3Amayervfxarsenault%20(%40joinsleet68438)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm HTTP 302
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1249609047383%3Ahid%3A816800526%3Az%3A120%3Ai%3A20210522054453%3Aet%3A1621655093%3Ac%3A1%3Arn%3A1898372%3Au%3A1621655093990692247%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621655092436%3Ads%3A1%2C292%2C188%2C1%2C0%2C0%2C%2C139%2C96%2C%2C%2C%2C624%3Adsn%3A1%2C293%2C187%2C1%2C0%2C0%2C%2C142%2C95%2C%2C%2C%2C625%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621655093%3At%3Amayervfxarsenault%20%28%40joinsleet68438%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
Request Chain 43
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=e9fd838d-c0f5-46b4-8842-9a6e3059d410&i=1621655093 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=e9fd838d-c0f5-46b4-8842-9a6e3059d410&i=1621655093
Request Chain 65
  • https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291 HTTP 302
  • https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
Request Chain 67
  • https://match.prod.bidr.io/cookie-sync/richaudience HTTP 303
  • https://match.prod.bidr.io/cookie-sync/richaudience?_bee_ppp=1 HTTP 303
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AADlOk7BUPwAACzI4_pZWQ
Request Chain 68
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.richaudience.com%252Fa939d25b950298d0a5d324cea4fcd3d1%252F%253Fuid%253D%24UID HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2041951535173767810
Request Chain 95
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.yT3N2nPx70bTT1H40nklBS6u8_MUr6yD2KugNwaSF7VYP8JnLkVTGfu6U91-m9oA.aq7vIXTiYkMkANKA21P8FmNw55o%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.UvcgVZmLBYNwsNLrSdq5zQLGyHZEKPapi9YPVXxdbrr_3kjKqkL4vgW4ayov_wg7I96KoN4cxJnH1IsVNHpJWKnyrb9OxIEZ5i3eKTjHOsk%2C.JIrDsdtCHlUFN8XHAwyIqxdrv-M%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9280.Jjqd4fkGYv4eSS_83Odo0Edju9zr9xkEWlDhQazCMRNHaf_fe8n-EmTfzBNDumQ7mpma4TisuKX_b7Yk1O4ItQ%2C%2C.9eFUQtP-9Xlg_JyedRyCfciNtuk%2C
Request Chain 104
  • https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA HTTP 302
  • https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&q=%2Fgetuid&cvrd=1
Request Chain 105
  • https://dyn.emetriq.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1 HTTP 302
  • https://ups.xplosion.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1
Request Chain 132
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=tp6YGXxPY2JubFd0eHBMZjlXd1hHNGhVL3hUYTJObHA2VmhTVU9OaTBSbGgvM015OTN6dHBzdDVqRVdMSVd4bllFcmxWejAyUi84Rkxja1htc051WnRWNnpiVVJMalNoUDJwczVva1FMaDVvWm1acVhrTzBDeFQ3ZWk1Z0NBd1BZT2NQNk1SRTBvaUdpcmJ0a2FnQW52cUllcG5JcnVkbC9YcW04TWxFUmp1a3pLcjViRkdhQTJFVEZ4WGs5TG5KZ0UyNi94TjhaTjdwWWFEZTBzTHlHY2tuYlhRPT18&cppv=2
Request Chain 158
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 161
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YKh.O0WQ3lzt3xAvGjy3nAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YKh.O0WQ3lzt3xAvGjy3nAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDk99pbDmNNSxVLcBbKrrAw&google_cver=1&gdpr=1&google_hm=2
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDz23OXEe2uQgy18rqFaPyI&google_cver=1
Request Chain 163
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB&dcc=t
Request Chain 164
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06422204078cf73627701e08&expiration=[EXPIRATION]&gdpr=1
Request Chain 165
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YKh_PAABNgiMfQA4 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YKh_PAABNgiMfQA4&gdpr=1&_test=YKh_PAABNgiMfQA4
Request Chain 166
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3477389406791442099
Request Chain 185
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1238067&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621655094&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1238067&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621655094&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&cklb=1
Request Chain 193
  • https://viralize-d.openx.net/v/1.0/av?auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 196
  • https://viralize-d.openx.net/v/1.0/av?auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Request Chain 197
  • https://viralize-d.openx.net/v/1.0/av?auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Request Chain 210
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0EDF2059-C159-48CF-B531-C28544A48CAF HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0EDF2059-C159-48CF-B531-C28544A48CAF
Request Chain 211
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629191319307479954
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dt8gWcFZSM-1McKFRKSMrw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 214
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=acd860a8-7e41-4200-858c-ada160ba32d6
Request Chain 215
  • https://pixel.onaudience.com/?partner=214&mapped=0EDF2059-C159-48CF-B531-C28544A48CAF HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=cc462e86-5c6f-479e-9845-7dcb8591d3fa&icm HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEVERjIwNTktQzE1OS00OENGLUI1MzEtQzI4NTQ0QTQ4Q0FG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAuDSojg_ZAxuLGlKcQoLNs&google_cver=1
Request Chain 219
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:401060a8-7e41-4c00-b75f-df13eaaddae6&gdpr=0&gdpr_consent=
Request Chain 220
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7903723858986152323
Request Chain 221
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cc462e86-5c6f-479e-9845-7dcb8591d3fa
Request Chain 222
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1996824514442346772&gdpr=0&gdpr_consent=
Request Chain 277
  • https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA HTTP 302
  • https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&q=%2Fgetuid&cvrd=1
Request Chain 278
  • https://dyn.emetriq.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1 HTTP 302
  • https://ups.xplosion.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1

287 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set joinsleet68438
ask.fm/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.147 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
8d4b212e02c8d93800e3d0e88bf9b6fa100e3114a3eaff2b4404b6c32e15cc0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ask.fm
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Status
200 OK
Cache-Control
max-age=0, private, must-revalidate
ETag
W/"7dd8d8e65a8e7a91b92e974d2ff1cdb2"
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Date
Sat, 22 May 2021 03:44:52 GMT
Set-Cookie
locale=en; path=/; expires=Sun, 22 May 2022 09:44:52 -0000 uuid=c80b9fb9-eb36-40af-8162-fd1f3bc66f97; path=/; expires=Sun, 22 May 2022 09:44:52 -0000; secure; HttpOnly country=DE; path=/; expires=Sun, 22 May 2022 09:44:52 -0000 traffic_source=organic; path=/; expires=Mon, 24 May 2021 03:44:52 -0000 _m_ask_fm_session=Rk9WYWRld1FDN0haaUlQUk1KSEh1K0VIQVVUNlZ4U2NPcll0eXl4RHlZQ21teW5QVWlRSm5qRmUvY2RGOFA5UFNjV1daVGlNT3kyN0dKRHlKYXVma0dtVjhTT09uM05hU2RWREI0Z3BzTTAxeC9SR0E2Zm05b0x3cDArUmFGME5yck1weGhtc2R0K09iajNaVGRubE40dFo3RE1Ub09DWHlSQ0FvWVJ6N3VKZ0hjdzVIbUxLaVd1emlhY1R4b1JxckpzTnE5NW1ZU1VaRHRSR25mWHVpdjhRK3RPZStlTklZOVBFb0liNU9RQ2hWZ2hRb1dQYWdxTlR5Z1UxaXd6bS0tR2NQNk5NZFBad2Y0NXJYblBwb1VrUT09--eea450c0bb8e85acf0a3c370c11266272b6b46f2; path=/; expires=Tue, 25 May 2021 03:44:52 -0000; secure; HttpOnly
Server
Ask.FM Web Service
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
d3r6ceqp4shltl.cloudfront.net/assets/ 		186 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
13be9605e71b444b62fa3d78780ea07b8d585696cb3afa8196adb89d17ee26fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 07:03:24 GMT
content-encoding
gzip
age
1975288
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
40564
access-control-allow-origin
https://ask.fm
last-modified
Thu, 29 Apr 2021 05:41:49 GMT
server
Ask.FM Web Service
etag
"608a471d-9e74"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
text/css
via
1.1 ba7789e51500bb7b69a0c33a90aec411.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
x-amz-cf-id
5TUj_zvgHV55kilZaOpBWVB7QhTZMoG-J0vqVFn51PTmAE7NKxxkzg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
d3r6ceqp4shltl.cloudfront.net/assets/ 		218 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 07:03:23 GMT
content-encoding
gzip
age
1975289
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
69351
access-control-allow-origin
https://ask.fm
last-modified
Thu, 29 Apr 2021 05:41:49 GMT
server
Ask.FM Web Service
etag
"608a471d-10ee7"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ba7789e51500bb7b69a0c33a90aec411.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
x-amz-cf-id
V4xY3NGQYJIk8tjEqV3IC6vN0oY3QlGKh5k7EmttdB-ijpybW-ArzA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png
d3r6ceqp4shltl.cloudfront.net/assets/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 11:14:48 GMT
via
1.1 ba7789e51500bb7b69a0c33a90aec411.cloudfront.net (CloudFront)
age
7403405
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
24239
last-modified
Wed, 27 Sep 2017 12:11:28 GMT
server
Ask.FM Web Service
etag
"59cb9570-5eaf"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
x-amz-cf-id
JKkTzqnFJ6rkc7rMhQM0Gm1mCjq7-BySsjP5B9qUCdwE8APsR0jM1g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
tag.js
mc.yandex.ru/metrika/ 		215 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:53 GMT
content-encoding
br
last-modified
Thu, 20 May 2021 19:10:33 GMT
etag
"609e8948-11068"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69736
expires
Sat, 22 May 2021 04:44:53 GMT
noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png
d3r6ceqp4shltl.cloudfront.net/assets/ 		956 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 11:15:13 GMT
via
1.1 ba7789e51500bb7b69a0c33a90aec411.cloudfront.net (CloudFront)
age
7403380
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
956
last-modified
Wed, 06 Sep 2017 12:36:34 GMT
server
Ask.FM Web Service
etag
"59afebd2-3bc"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
x-amz-cf-id
k9dTnGq5LEXIisQkfhixf82OdRz28Jb7yBgenbC8vsvrvy_CDECaYQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Origin
https://ask.fm
Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 07:03:25 GMT
via
1.1 25ad1b0937f8931040e6831f872b7399.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
1975288
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
17880
last-modified
Thu, 29 Apr 2021 05:41:49 GMT
server
Ask.FM Web Service
etag
"608a471d-45d8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
x-amz-cf-id
6N8dgC_Y1Cdvndfj1RjzV3G-gE-C-uBctoQjkI52lGL-z-FFs-d4ww==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Origin
https://ask.fm
Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 11:14:43 GMT
via
1.1 25ad1b0937f8931040e6831f872b7399.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
7403410
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
25400
last-modified
Wed, 06 Sep 2017 12:36:34 GMT
server
Ask.FM Web Service
etag
"59afebd2-6338"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
x-amz-cf-id
gfkmk7eHD9HDISLM4CzuUw9L5xpjP-0tHU5noChCi1mMjMHWI__OEQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Origin
https://ask.fm
Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 07:55:47 GMT
via
1.1 25ad1b0937f8931040e6831f872b7399.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
3008946
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
52204
last-modified
Wed, 02 Aug 2017 08:00:22 GMT
server
Ask.FM Web Service
etag
"59818696-cbec"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
x-amz-cf-id
PboKXlLcU3S_hzGp0daHts4B6vTp0c2_boOpyZcXucJR5DAvWMNNtQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.SC7kil_FI2ShBsJSE9Jc0DNLPeMOb45S690ewCz3ODmcvqZEO5voDZy5IKjAMILr.HjpMDF2QGG-4mwp7rApHPmFYxYE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.Y1WShN8WTv2dCy6FhL5lOvz1mLgzw8i4SThME9HNfzAzHf02j0yaYo8czajmvGQUuq84xtGewPGybONlEZASWw%2C%2C.k4I8xH6oEtQ6aud9WzQ1eEB0eQI%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9280.Y1WShN8WTv2dCy6FhL5lOvz1mLgzw8i4SThME9HNfzAzHf02j0yaYo8czajmvGQUuq84xtGewPGybONlEZASWw%2C%2C.k4I8xH6oEtQ6aud9WzQ1eEB0eQI%2C
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:53 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9280.Y1WShN8WTv2dCy6FhL5lOvz1mLgzw8i4SThME9HNfzAzHf02j0yaYo8czajmvGQUuq84xtGewPGybONlEZASWw%2C%2C.k4I8xH6oEtQ6aud9WzQ1eEB0eQI%2C
date
Sat, 22 May 2021 03:44:53 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:53 GMT
last-modified
Thu, 20 May 2021 19:10:33 GMT
etag
"609e8948-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 22 May 2021 04:44:53 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
edfcb536924e7dd1bfa230aa145bedae6eac0da0561def602d2109a9607a1ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
EPxAd08sHBBN9t+cwY8hlg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
7fZ2Jrr0DIuPY86/MDz8JtNFwqXyB+896fMGhIv44W4xnl6QGaq5JBepGrNLeqnePk2erfDm++x2Wp8dkW5hjA==
x-fb-trip-id
917726464
x-fb-content-md5
f9930780ada72741b8c811812545c734
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 22 May 2021 03:44:53 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"201d77446d6b6a1c5373a50a2910afd4"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 22 May 2021 04:02:31 GMT
gtm.js
www.googletagmanager.com/ 		81 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fde6941198bb8c69106c9e8ad54a18c4f4f807ee4535b1a256bee3ffbaa80252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32306
x-xss-protection
0
last-modified
Sat, 22 May 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 May 2021 03:44:53 GMT
3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
cmp.optad360.io/items/ 		2 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 02:58:28 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 09:49:58 GMT
server
AmazonS3
age
2786
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
2
x-amz-cf-id
kufL5WQgmn8VAjIgLiBwTV26CAhCtCfTyDUw-QxDs4gnX78tw6k6mQ==
plugin.min.js
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 		255 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e0941532e70d706aef15f35e1432835cd264136dd148bf3802eaff5003d52ea

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:15:32 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 09:54:50 GMT
server
AmazonS3
age
1762
etag
W/"c33938ad7b4d19b4a1024e88e093eb04"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
mFOz3d1HEHZJ96RCSFuLQyGSRuDG7OCyOpC4SU2tvNPOXDhc_ld2sQ==
html.js
viadata.store/slider/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viadata.store/slider/html.js?sid=102415
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
3884bb65079b3ac4e7a345e6d5b37b5ac4df83158573810f331b3b4a1f5bb8c7

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:53 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
1
mc.yandex.com/watch/48953915/
Redirect Chain
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%...
236 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1249609047383%3Ahid%3A816800526%3Az%3A120%3Ai%3A20210522054453%3Aet%3A1621655093%3Ac%3A1%3Arn%3A1898372%3Au%3A1621655093990692247%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621655092436%3Ads%3A1%2C292%2C188%2C1%2C0%2C0%2C%2C139%2C96%2C%2C%2C%2C624%3Adsn%3A1%2C293%2C187%2C1%2C0%2C0%2C%2C142%2C95%2C%2C%2C%2C625%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621655093%3At%3Amayervfxarsenault%20%28%40joinsleet68438%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
da99152e855fe6ad6e826fb421e8e168df6cf7fc7f425b8c5a4604d364cb2ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:53 GMT
x-content-type-options
nosniff
last-modified
Sat, 22-May-2021 03:44:53 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
236
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:53 GMT
last-modified
Sat, 22-May-2021 03:44:53 GMT
location
/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1249609047383%3Ahid%3A816800526%3Az%3A120%3Ai%3A20210522054453%3Aet%3A1621655093%3Ac%3A1%3Arn%3A1898372%3Au%3A1621655093990692247%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621655092436%3Ads%3A1%2C292%2C188%2C1%2C0%2C0%2C%2C139%2C96%2C%2C%2C%2C624%3Adsn%3A1%2C293%2C187%2C1%2C0%2C0%2C%2C142%2C95%2C%2C%2C%2C625%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621655093%3At%3Amayervfxarsenault%20%28%40joinsleet68438%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:53 GMT
sdk.js
connect.facebook.net/en_US/ 		216 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f60798d99760a7ac23d01de22b59ad93&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc522bd7f7b67287acef41161260f73fd1164bc1dbd77665f2dd41577618547a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://ask.fm
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
gsFy8/f061xwzr2DBdXiag==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65184
x-fb-rlafr
0
x-fb-debug
XQRfzbZvVz/B22a74Z25UemkzaFjp1u7xBkpka0CUDLhwWcaUmcreFJS30Ajf4dibSF6No7Q8oKVPQm3xLfj1A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b7123a9c34acc06a751b672561c90f6e
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 22 May 2021 03:44:53 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f8da3ed2877f8e9ba91231451e826924"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 21 May 2022 18:33:20 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4681
date
Sat, 22 May 2021 02:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 22 May 2021 04:26:52 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=168930844&t=pageview&_s=1&dl=https%3A%2F%2Fask.fm%2Fjoinsleet68438&ul=en-us&de=UTF-8&dt=mayervfxarsenault%20(%40joinsleet68438)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=35327943&gjid=1279747464&cid=1706668700.1621655093&tid=UA-12308109-15&_gid=1637811573.1621655093&_r=1&gtm=2wg5c1NDJVZHZ&z=990247695
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rl=&if=false&ts=1621655093521&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 22 May 2021 03:44:53 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-12308109-15&cid=1706668700.1621655093&jid=35327943&gjid=1279747464&_gid=1637811573.1621655093&_u=YEBAAEAAAAAAAC~&z=793219266
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 22 May 2021 03:44:53 GMT
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
hls.js
uscdn.viadata.store/static/js/ 		235 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uscdn.viadata.store/static/js/hls.js
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.60.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Dec 2020 14:11:16 GMT
server
nginx
etag
W/"5fe9e784-3ab3e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
code.js
viadata.store/tag/ 		30 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viadata.store/tag/code.js
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
9e18d136de6919f81e71cd18adbbd83a8dbbba1e5073b101f3ee35a826b7993a

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:53 GMT
cache-control
public
content-type
application/javascript
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
expires
Sun, 23 May 2021 03:44:53 GMT
site
logs.viadata.store/req/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/req/site?sid=102415&cid=0&uid=e9fd838d-c0f5-46b4-8842-9a6e3059d410&event=playerLoaded&cb=1621655093534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:53 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:44:53 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
prebid4.28.1.js
get.optad360.io/sf/ 		463 KB
464 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid4.28.1.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1efea1ea1d5dacd4e53c4d220663ec89ebc5c91f6b99c4d7e8f3a670e901ff4

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 04:09:14 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Tue, 02 Mar 2021 09:09:00 GMT
server
AmazonS3
age
776140
etag
"584a9977889abad1ce606050f709f6b5"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
474184
x-amz-cf-id
F09QrlQUz5LARJGlygZUyblH8j_WKn1DXhKWDOvKE0F501tXor1WkQ==
210323.js
cdn.viadata.store/js/player/ Frame DAB9 		179 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/js/player/210323.js
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e1523bb7c50aeb3b7c37d26e7bd7e22977e11013b50865832a9db6b8fc19abc6

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:53 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 11:26:13 GMT
server
nginx
etag
W/"609e5e55-2cdc4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
NA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210522
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
629ae7ea2d3b37d20dbe091139a589730f71f03dcc7e96b26625a1186944788e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
37451
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
942
etag
W/"69c-E36ZA3rHOjYEqJ4zLEUELdsGSgU"
x-served-by
cache-fra19182-FRA
date
Sat, 22 May 2021 03:44:53 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
viads-player-logo-50.png
cdn.viadata.store/static/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viadata.store/static/viads-player-logo-50.png
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:53 GMT
last-modified
Wed, 26 Feb 2020 10:23:58 GMT
server
nginx
etag
"5e56473e-26d1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
NA
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
9937
tags.php
pl.viadata.store/assets/ Frame DAB9 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pl.viadata.store/assets/tags.php?secured=1&language=en&page_url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&pub_sid=102415&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=ask.fm&trackdomain=logs.viadata.store&VIA_DADPOS=1&avtoken=93885&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=1&cb=1621655093929
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
5b511c499ee25cdc29aa5d07618dbffae447b1ae47f2af4fcbcd9413dfa68b97

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:44:53 GMT
content-encoding
br
access-control-allow-credentials
true
server
nginx/1.19.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cs
rtb-msk-2.viadata.store/vast/ Frame DAB9 		71 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-msk-2.viadata.store/vast/cs?zone=102415&w=432&h=243&site=https%3A%2F%2Fask.fm%2Fjoinsleet68438&vp=2&cbb=1655093995
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
v0
vtg1.rktch.com/ Frame DAB9 		21 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&siteid=102415&cbb=1655093996
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41257.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:54 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Access-Control-Max-Age
0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
rle.cgi
ad.adriver.ru/cgi-bin/ Frame DAB9 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222536&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=1655093997&tail256=https%3A%2F%2Fask.fm%2F
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.46 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
69944ef89de303c4cfee4014eb05fcc21048959ff60fa0fb8d6d6c2281788e65

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:44:54 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://ask.fm
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/vast/ Frame DAB9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=ask.fm&cbb=1655093997
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
44b1579df26d0f43a8a0e4a40f6f0968ffbe115426b899d67903e549b3bffb40

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
vast
moevideo.biz/ Frame DAB9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/vast?ref=viads-ask.fm&impressionAfterPaid=1&es=1&vl=1&mvis=1&referrer=https%3A%2F%2Fask.fm%2Fjoinsleet68438&cbb=1655093997
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
25fb399d94d9031d730acaff6eebcd380b1d43d7c738d927d52448520fa52154

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:54 GMT
Content-Encoding
gzip
X-Mv-Embed-Version
1352
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.094
Pragma
no-cache
Last-Modified
Sat, 22 May 2021 03:44:54 GMT
Server
nginx
X-My-Name
s9
Access-Control-Allow-Methods
GET, POST
Content-Type
application/xml
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
X-Mv-TryCache
0
X-My-App-Time
0.002
Access-Control-Allow-Headers
Content-Type, Accept
Expires
Thu, 19 Feb 1998 13:24:18 GMT
i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame DAB9
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=e9fd838d-c0f5-46b4-8842-9a6e3059d410&i=1621655093
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=e9fd838d-c0f5-46b4-8842-9a6e3059d410&i=1621655093
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=e9fd838d-c0f5-46b4-8842-9a6e3059d410&i=1621655093
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
7
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Sat, 22 May 2021 03:44:54 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=e9fd838d-c0f5-46b4-8842-9a6e3059d410&i=1621655093
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655093992&tid=2110
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:44:54 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655093995&tid=2106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:44:54 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655093996&tid=2552
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:44:54 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655093996&tid=2108
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:44:54 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655093997&tid=4760
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:44:54 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655093997&tid=2111
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:44:54 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655093997&tid=2555
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:44:54 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655093997&tid=2109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:44:54 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
viralize_vpaid.min.d7315bd0.js
static.viralize.tv/ Frame 88B9 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
86034ce77b3a6b40a35a983344766af5d5f5321ef04e81ec86cb2332d8676d66

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyxHxuxGZDgkzbQKsyqv9ajuEjm7T9MrbV8s9MKaJ3LA6_yYHidPWtOtK_po3yE6K713RoO6LTBtZfgBYSieEuI8ugKxg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
18173
last-modified
Mon, 17 May 2021 13:15:57 GMT
server
UploadServer
etag
"d7315bd0cad47e1de22db2bcee62a5da"
vary
Accept-Encoding
x-goog-hash
crc32c=LNcUbg==, md5=1zFb0MrUfh3iLbK87mKl2g==
x-goog-generation
1621257357658649
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-goog-stored-content-length
61774
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 21 Jun 2021 03:44:54 GMT
vpaid.min.js
moevideo.biz/embed/player/1661/vpaid/ Frame 56B9 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx /
Resource Hash
e3cedeedecd228caa058b365fd4dd4a40f1995c71bc979fe79827bb752bbe2b8

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 12:17:35 GMT
Server
nginx
X-My-Name
s1
ETag
W/"60758bdf-1c64"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
keep-alive
X-My-Reqtime
0.000
context.js
an.yandex.ru/system/ 		136 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
5037fb1b6f8b0435d9cfaa47d129668d9e0c9d880fdb5af6344e78030050ae6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
2394048809
x-yandex-req-id
1621655094428623-993030763174580408100106-production-app-host-sas-pcode-81
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 22 May 2021 04:44:54 GMT
/
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ 		301 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=38454897532
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
7ccb349a9cf90fb6fa49e4adbe0d3674e0bfd9f1b2381f5fa075aa9fd4be60e2

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
server
nginx/1.10.3
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
ac
www8.smartadserver.com/ 		16 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?pgid=692816&insid=5733718&tmstp=8143910718&out=js
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:53 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
transfer-encoding
chunked
/
ads.viralize.tv/player/ Frame 88B9 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1655093997&sid=01ebbab011c7648c8b2a7f0c93bfdab1&experiment=ops.v&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%220179922d043c7868c2b3a09b07c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%2C%22pub_platform%22%3A%22%22%7D&dd=ask.fm&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
a7438cac51e036cef83cfbf31e6d480e021a35013375e6956a3932a7373bc017

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 6665 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
26084
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame 6665 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 21:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23100
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34056
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 May 2022 21:19:54 GMT
polyfill.min.js
polyfill.io/v3/ Frame 6665 		72 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
9847545
detected-user-agent
Chrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Thu, 28 Jan 2021 00:45:25 GMT
date
Sat, 22 May 2021 03:44:54 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6665 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117244
x-xss-protection
0
expires
Sat, 22 May 2021 03:44:54 GMT
viralize_player.min.fabab513.js
static.viralize.tv/ Frame 6665 		620 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.fabab513.js?e=ops
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
817384cf858af3b24293ea9cdce876477a4ec2e6bd1bd37ff7d0a4012f97f8f8

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzZwiawvFQK0QGKXn3hbnc5nDg9xqsykLslK0I39OuMk8ImlvIoU94w4_QAxV0ZsQa7N617yhc2wPUEf8epnB3H6yuJBw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
182957
last-modified
Fri, 21 May 2021 11:25:00 GMT
server
UploadServer
etag
"fabab513c32ae27db080ed8283cdc6d5"
vary
Accept-Encoding
x-goog-hash
crc32c=D/dkTg==, md5=+rq1E8Mq4n2wgO2Cg83G1Q==
x-goog-generation
1621596300129205
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-goog-stored-content-length
634663
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 21 Jun 2021 03:44:54 GMT
auto-user-sync
ads.stickyadstv.com/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:44:54 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1621655094057064-369
Expires
Sat, 22 May 2021 03:44:54 GMT
Cookie set vpaid
moevideo.biz/embed/ Frame 2237 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
69e8c6eb354a3a62b1d19fc2020cab419b4820f6ea080463d89d47becfc070ae

Request headers

Host
moevideo.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ask.fm/

Response headers

Server
nginx
Date
Sat, 22 May 2021 03:44:54 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.38
Set-Cookie
mvuid=7c1ac03fc5d0aff7f209;expires=Sun, 22-May-2022 06:44:54 GMT;Max-Age=31536000;path=/;SameSite=None mvsid=c9ec4b09-f297-4271-a6e3-456fb39d50d3;path=/;SameSite=None
X-My-Adv-Time
0.00189995765686
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Sat, 22 May 2021 03:44:54 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.011
X-Mv-Embed-Version
1352
X-My-Name
s33
X-My-Reqtime
0.109
Content-Encoding
gzip
/
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/ Frame 7946
Redirect Chain
  • https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291
  • https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
2 KB
949 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=38454897532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
1814083bb325b29335bf9c69fd778305241678867ce6909aa3efae96c84345b7

Request headers

:method
GET
:authority
sync.richaudience.com
:scheme
https
:path
/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
pdid=35b8f4dd-e91c-4681-8ec9-1zz1621655094
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ask.fm/

Response headers

server
nginx/1.10.3
date
Sat, 22 May 2021 03:44:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie
cmpsync=1; expires=Sat, 22-May-2021 03:44:59 GMT; Max-Age=5; path=/; domain=.richaudience.com; secure; HttpOnly; SameSite=None
content-encoding
gzip

Redirect headers

server
nginx/1.10.3
date
Sat, 22 May 2021 03:44:54 GMT
content-type
text/html; charset=UTF-8
location
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie
pdid=35b8f4dd-e91c-4681-8ec9-1zz1621655094; expires=Mon, 21-Jun-2021 03:44:54 GMT; Max-Age=2592000; path=/; domain=.richaudience.com; secure; HttpOnly; SameSite=None
/
track.adform.net/Serving/Cookie/ Frame 7946 		73 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
180
expires
-1
/
sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/ Frame 7946
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/richaudience
  • https://match.prod.bidr.io/cookie-sync/richaudience?_bee_ppp=1
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AADlOk7BUPwAACzI4_pZWQ
95 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AADlOk7BUPwAACzI4_pZWQ
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AADlOk7BUPwAACzI4_pZWQ
Date
Sat, 22 May 2021 03:44:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 7946
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.richaudience.com%252Fa939d25b950298d0a5d324cea4fcd3d1%252F%253Fuid%253D%24UID
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2041951535173767810
95 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2041951535173767810
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:44:54 GMT
X-Proxy-Origin
159.48.53.239; 159.48.53.239; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.236:80
AN-X-Request-Uuid
45f6d39c-2d54-4947-8e20-0e794583049e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2041951535173767810
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
viralize-d.openx.net/v/1.0/ Frame 6665 		106 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viralize-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fask.fm&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=590da720-c2d1-4840-b861-041bfb889433&nocache=1621655094502&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&auid=544032750&vwd=640&vht=480
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
via
1.1 google
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 6665 		276 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8637f09484addb912546f927d8a22820675942f84705510419524dc352563e06

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
translator
hbopenbid.pubmatic.com/ Frame 6665 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:44:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzY2OTIPtmNwRrKDbw%3D%3D.10.wp10sc1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzY4Mzg0Shntk5pIig%3D%3D.1.wp1sc1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzY2NzY1nR1eGiRpXQ%3D%3D.13.wp13sc1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame 7946 		95 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/?rnd=82793291&rd=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
65d7ca89b63ea91cc6f9.js
yastatic.net/partner-code-bundles/14704/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/14704/65d7ca89b63ea91cc6f9.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
83b9ce69a9267aa37d9fdfcbe4539fc9bae9ddafc91f82625c5e2284104203f2
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://ask.fm
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4205
last-modified
Thu, 20 May 2021 14:51:44 GMT
server
nginx/1.17.9
etag
"2068d3ea494c55128ab0864d467eea48"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2051 10:18:10 GMT
5fd6f7d82a32bf9a115f.js
yastatic.net/partner-code-bundles/14704/ 		404 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/14704/5fd6f7d82a32bf9a115f.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
16fd695ea13329e84a86bff1ce2b9bc23d807ced7c4106a932521587b1dda33f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://ask.fm
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
88341
last-modified
Thu, 20 May 2021 14:51:44 GMT
server
nginx/1.17.9
etag
"6dc2a899b3e4fe6ed4b8a1b6201a9692"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2051 10:18:10 GMT
c4eafe9fde631edbcfc8.js
yastatic.net/partner-code-bundles/14704/ 		252 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/14704/c4eafe9fde631edbcfc8.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
acefa93cfdc556413f965eec9bb9602e1f347c7ba5197f2b6e991c99ad65d59d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://ask.fm
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
43598
last-modified
Thu, 20 May 2021 14:51:44 GMT
server
nginx/1.17.9
etag
"99ef12c90c09e75ca2d01e8ef75bbbad"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2051 10:18:10 GMT
1
mc.yandex.com/watch/48953915/ 		43 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A1%3Als%3A1249609047383%3Ahid%3A816800526%3Az%3A120%3Ai%3A20210522054454%3Aet%3A1621655095%3Ac%3A1%3Arn%3A869573195%3Au%3A1621655093990692247%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621655092436%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C936%2C936%2C3%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C936%2C936%2C3%2C%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621655095
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
last-modified
Sat, 22-May-2021 03:44:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:54 GMT
652294
an.yandex.ru/meta/ 		141 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/652294?grab=dG1heWVydmZ4YXJzZW5hdWx0IChAam9pbnNsZWV0Njg0MzgpIOKAlCBBc2sgbWUgYW55dGhpbmcgfCBBU0tmbQoxbWF5ZXJ2ZnhhcnNlbmF1bHQgCjJBYm91dCBtYXllcnZmeGFyc2VuYXVsdDogCjJtYXllcnZmeGFyc2VuYXVsdCBwaG90byBnYWxsZXJ5OiAKMiBBc2sgQGpvaW5zbGVldDY4NDM4IDogCjIgQWJvdXQgbWF5ZXJ2ZnhhcnNlbmF1bHQ6IAoyIG1heWVydmZ4YXJzZW5hdWx0IHBob3RvIGdhbGxlcnk6IAo%3D&target-ref=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&pcode-test-ids=363741%2C0%2C79%3B364539%2C0%2C32%3B356981%2C0%2C71%3B330396%2C0%2C96%3B351585%2C0%2C95&pcode-flags=%7B%22USE_WIDGET_FROM_PCODE%22%3Atrue%2C%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_SMART_SSR%22%3A%221%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22SSR_PERCENT_LOGGING%22%3A0.1%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%5D%2C%22COMBO_PACKSHOT_EXP%22%3A%22exp%22%2C%22LEADERBOARD_VIDEO%22%3A%22ctl%22%2C%22VIDEO_EARS_FLAGS%22%3A%22exp%22%2C%22RMP_POSTER_2%22%3A%22sticky%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=3764775581621655094&duid=MTYyMTY1NTA5Mzk5MDY5MjI0Nw%3D%3D&imp-id=1&enable-flat-highlight=1&test-tag=202310139510786&ad-session-id=3589401621655094569&target-id=50597418&tga-with-creatives=1&pcode-version=14704&pcodever=14704&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A1%2C%22left%22%3A584%2C%22top%22%3A802%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&uniformat=true&callback=Ya%5B1613482399891%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
755423929b37a935963f16a27977257386956d30e99cbcbd37234583ca4407cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
last-modified
Sat, 22 May 2021 03:44:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1621655094613640-1060978541046413411600192-production-app-host-vla-pcode-95
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 22 May 2021 03:44:54 GMT
styles.css
moevideo.biz/embed/player/1661/skins/gray/ Frame 2237 		54 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1661/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 12:16:35 GMT
Server
nginx
X-My-Name
s2
ETag
W/"60758ba3-d99f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
0.000
mvplayer.min.js
moevideo.biz/embed/player/1661/ Frame 2237 		574 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1661/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx /
Resource Hash
5ac8bf8a7a52ce541b0804f46220ad95e33b718a2e5c3d028bdf1434848d6731

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 12:17:46 GMT
Server
nginx
X-My-Name
s2
ETag
W/"60758bea-8f7eb"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
keep-alive
X-My-Reqtime
0.000
set
playreplay.me/api/cookie/ Frame 2237 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%227c1ac03fc5d0aff7f209%22},{%22key%22:%22mvsid%22,%22value%22:%22c9ec4b09-f297-4271-a6e3-456fb39d50d3%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.090
set
thesame.tv/api/cookie/ Frame 2237 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%227c1ac03fc5d0aff7f209%22},{%22key%22:%22mvsid%22,%22value%22:%22c9ec4b09-f297-4271-a6e3-456fb39d50d3%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.107 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f45.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.089
set
moevideo.biz/api/cookie/ Frame 2237 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%227c1ac03fc5d0aff7f209%22},{%22key%22:%22mvsid%22,%22value%22:%22c9ec4b09-f297-4271-a6e3-456fb39d50d3%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.101
set
cs-0.moevideo.biz/api/cookie/ Frame 2237 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%227c1ac03fc5d0aff7f209%22},{%22key%22:%22mvsid%22,%22value%22:%22c9ec4b09-f297-4271-a6e3-456fb39d50d3%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.63 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.087
set
playreplay.net/api/cookie/ Frame 2237 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%227c1ac03fc5d0aff7f209%22},{%22key%22:%22mvsid%22,%22value%22:%22c9ec4b09-f297-4271-a6e3-456fb39d50d3%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.191 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f31.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.087
ext
video-library.showheroes.com/player/ Frame 6665 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-library.showheroes.com/player/ext?sh_pe=publisher&player_id=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&pageurl=https%3A%2F%2Fask.fm&rnd=1621655094&gdpr_consent=&gdpr_applies=1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.6.13 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
253bb291bfe03dfc9067c219d650814c60d561f7adb312ae6e3bb463e4d03206

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent, Origin
content-security-policy-report-only
report-to default
access-control-allow-methods
OPTIONS,POST,GET
pragma
no-cache
server
nginx/1.18.0
access-control-max-age
604800
report-to
{ "group": "default", "endpoints": [ { "url": "https://receiver-hetzner.showheroes.com/reports" } ], "max_age": 3600, "include_subdomains": true }
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
must-revalidate, private
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-shard-server
showheroes.com
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzY4NjAurvyWUMvxHw%3D%3D.2.wp2sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzY4Mzg0Shntk5pIig%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzY4Mzg0Shntk5pIig%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzY2OTIPtmNwRrKDbw%3D%3D~wp10sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzY2OTIPtmNwRrKDbw%3D%3D~wp10sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzY2NzY1nR1eGiRpXQ%3D%3D~wp13sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzY2NzY1nR1eGiRpXQ%3D%3D~wp13sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
ads.viralize.tv/t-bid-done/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzY4NjAurvyWUMvxHw%3D%3D&sc=wp2sc1&l=vpaid&as=ShowHeroes%20AdHero&ct=application%2Fjavascript&sid=01ebbab011c7648c8b2a7f0c93bfdab1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
vpaid-shplayer.js
static.showheroes.com/ Frame 487D 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/vpaid-shplayer.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.fabab513.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
540c450b5062bc620bd54e430f6cab4f31379f9efa5bfe35b2e1829d71732a89

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 09:51:32 GMT
etag
"1621590692"
x-hw
1621655094.dop122.fr8.t,1621655094.cds283.fr8.hn,1621655094.cds263.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
2718
publishertag.js
static.showheroes.com/ Frame D7A9 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/publishertag.js
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/vpaid-shplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
cce1318e6809c9b05c308f5139b32f0bfd73a5854babcf2514f7d68b0f20f8da

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 09:51:32 GMT
etag
"1621590692"
x-hw
1621655094.dop122.fr8.t,1621655094.cds283.fr8.hn,1621655094.cds147.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
3320
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzY4NjAurvyWUMvxHw%3D%3D~wp2sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.yT3N2nPx70bTT1H40nklBS6u8_MUr6yD2KugNwaSF7VYP8JnLkVTGfu6U91-m9oA.aq7vIXTiYkMkANKA21P8FmNw55o%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.UvcgVZmLBYNwsNLrSdq5zQLGyHZEKPapi9YPVXxdbrr_3kjKqkL4vgW4ayov_wg7I96KoN4cxJnH1IsVNHpJWKnyrb9OxIEZ5i3eKTjHOsk%2C.JIrDsdtCHlUFN8XHAwyIqxdrv-M%2C
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9280.Jjqd4fkGYv4eSS_83Odo0Edju9zr9xkEWlDhQazCMRNHaf_fe8n-EmTfzBNDumQ7mpma4TisuKX_b7Yk1O4ItQ%2C%2C.9eFUQtP-9Xlg_Jyed...
43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9280.Jjqd4fkGYv4eSS_83Odo0Edju9zr9xkEWlDhQazCMRNHaf_fe8n-EmTfzBNDumQ7mpma4TisuKX_b7Yk1O4ItQ%2C%2C.9eFUQtP-9Xlg_JyedRyCfciNtuk%2C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:55 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9280.Jjqd4fkGYv4eSS_83Odo0Edju9zr9xkEWlDhQazCMRNHaf_fe8n-EmTfzBNDumQ7mpma4TisuKX_b7Yk1O4ItQ%2C%2C.9eFUQtP-9Xlg_JyedRyCfciNtuk%2C
date
Sat, 22 May 2021 03:44:55 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
pubtag.js
static.showheroes.com/ Frame D7A9 		160 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/pubtag.js?rnd=05834558233378395
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e14924be53155841f0773e10a9cdfa1cc672a251f807a131293e9e3c30542a0a

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 09:51:32 GMT
etag
"1621590692"
x-hw
1621655094.dop122.fr8.t,1621655094.cds283.fr8.hn,1621655094.cds291.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
45455
storage.html
moe.video/ Frame 1EEF 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.11 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Sat, 22 May 2021 03:44:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 07 May 2021 20:13:21 GMT
ETag
W/"60959f61-4783"
X-My-Name
s1
X-My-Reqtime
0.087
X-B-Name
f39
Content-Encoding
gzip
truncated
/ Frame 2237 		313 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
jstracer
an.yandex.ru/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
652294
an.yandex.ru/meta/ 		141 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/652294?grab=dG1heWVydmZ4YXJzZW5hdWx0IChAam9pbnNsZWV0Njg0MzgpIOKAlCBBc2sgbWUgYW55dGhpbmcgfCBBU0tmbQoxbWF5ZXJ2ZnhhcnNlbmF1bHQgCjJBYm91dCBtYXllcnZmeGFyc2VuYXVsdDogCjJtYXllcnZmeGFyc2VuYXVsdCBwaG90byBnYWxsZXJ5OiAKMiBBc2sgQGpvaW5zbGVldDY4NDM4IDogCjIgQWJvdXQgbWF5ZXJ2ZnhhcnNlbmF1bHQ6IAoyIG1heWVydmZ4YXJzZW5hdWx0IHBob3RvIGdhbGxlcnk6IAo%3D&target-ref=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&pcode-test-ids=363741%2C0%2C79%3B364539%2C0%2C32%3B356981%2C0%2C71%3B330396%2C0%2C96%3B351585%2C0%2C95&pcode-flags=%7B%22USE_WIDGET_FROM_PCODE%22%3Atrue%2C%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_SMART_SSR%22%3A%221%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22SSR_PERCENT_LOGGING%22%3A0.1%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%5D%2C%22COMBO_PACKSHOT_EXP%22%3A%22exp%22%2C%22LEADERBOARD_VIDEO%22%3A%22ctl%22%2C%22VIDEO_EARS_FLAGS%22%3A%22exp%22%2C%22RMP_POSTER_2%22%3A%22sticky%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=3764775581621655094&duid=MTYyMTY1NTA5Mzk5MDY5MjI0Nw%3D%3D&imp-id=2&enable-flat-highlight=1&test-tag=202310139510786&ad-session-id=3589401621655094569&target-id=96496780&tga-with-creatives=1&pcode-version=14704&pcodever=14704&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A1%2C%22left%22%3A584%2C%22top%22%3A802%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&uniformat=true&callback=Ya%5B4921851558936%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7a0582f71b7fb7ca5165c2db6f3fee5377ed11db6702b9ae0fbad03f636451f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
content-encoding
gzip
last-modified
Sat, 22 May 2021 03:44:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1621655094966441-1766601686785300064300106-production-app-host-sas-pcode-83
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 22 May 2021 03:44:55 GMT
iframe
video-library.showheroes.com/spot/ Frame B1EA 		482 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-library.showheroes.com/spot/iframe?pageurl=https%3A%2F%2Fask.fm&player=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&player_type=publisher&debug=0&spsize=0x0&vpaid=1&footer=0&cmacros=%7B%22rpageurl%22%3A%22https%3A%2F%2Fask.fm%22%2C%22gdpr_applies%22%3A%221%22%2C%22user_consent_string%22%3A%22BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA%22%7D&native=true&consentData=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdprApplies=1
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/pubtag.js?rnd=05834558233378395
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.6.13 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
fea2310ed246a95c3b4ef9f216be5b04c2e29aa4e598ef5f1393ecbfecbeea19

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
content-encoding
gzip
content-security-policy-report-only
report-to default
server
nginx/1.18.0
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{ "group": "default", "endpoints": [ { "url": "https://receiver-hetzner.showheroes.com/reports" } ], "max_age": 3600, "include_subdomains": true }
content-type
application/javascript; charset=utf-8
cache-control
private, must-revalidate
x-shard-server
showheroes.com
expires
-1
litmus.mp4
static.showheroes.com/ Frame D7A9 		3 KB
3 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/litmus.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
cff86d9a03a25977318fbeef5799b8f0122cff4b763f58507cef01891d2de01a

Request headers

Referer
https://ask.fm/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 22 May 2021 03:44:54 GMT
last-modified
Tue, 08 Aug 2017 17:16:18 GMT
access-control-allow-origin
*
etag
"1502212578"
x-hw
1621655094.dop122.fr8.t,1621655094.cds283.fr8.hn,1621655094.cds270.fr8.c
content-type
video/mp4
Content-Range
bytes 0-2699/2700
cache-control
max-age=300
accept-ranges
bytes
Content-Length
2700
pcmd.js
arv2.showheroes.com/v1/ Frame B1EA 		32 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://arv2.showheroes.com/v1/pcmd.js?ref=https%3A%2F%2Fask.fm
Requested by
Host: video-library.showheroes.com
URL: https://video-library.showheroes.com/spot/iframe?pageurl=https%3A%2F%2Fask.fm&player=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&player_type=publisher&debug=0&spsize=0x0&vpaid=1&footer=0&cmacros=%7B%22rpageurl%22%3A%22https%3A%2F%2Fask.fm%22%2C%22gdpr_applies%22%3A%221%22%2C%22user_consent_string%22%3A%22BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA%22%7D&native=true&consentData=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdprApplies=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.19.2 / PHP/7.3.22
Resource Hash
d89ffae99980c82d292faa3c4870635189ec7b4bbaf400412032a66c5a3bceba
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
content-encoding
gzip
server
nginx/1.19.2
x-powered-by
PHP/7.3.22
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
no-store, private
strict-transport-security
max-age=15724800; includeSubDomains
getuid
sync.showheroes.com/ Frame B1EA
Redirect Chain
  • https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA
  • https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&q=%2Fgetuid&cvrd=1
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&q=%2Fgetuid&cvrd=1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.6.13 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.3.22
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
server
nginx/1.18.0
x-powered-by
PHP/7.3.22
access-control-max-age
0
access-control-allow-methods
OPTIONS,POST,GET
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

date
Sat, 22 May 2021 03:44:55 GMT
server
nginx/1.18.0
location
http://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&q=%2Fgetuid&cvrd=1
x-powered-by
PHP/7.3.22
access-control-max-age
0
access-control-allow-methods
OPTIONS,POST,GET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
default.js
ups.xplosion.de/loader/44907/ Frame B1EA
Redirect Chain
  • https://dyn.emetriq.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyA...
  • https://ups.xplosion.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKy...
868 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ups.xplosion.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.54.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-54-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d658bab407fdb5b6ea79b6c3b7412199dbf00416d7b94ea46c57d5e56a9b1cca

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 22 May 2021 03:44:55 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
868
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"

Redirect headers

location
https://ups.xplosion.de:443/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1
date
Sat, 22 May 2021 03:44:55 GMT
server
awselb/2.0
content-length
110
content-type
text/html
report-video
receiver-hetzner.showheroes.com/events/ Frame B1EA 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://receiver-hetzner.showheroes.com/events/report-video?event=loaded&rnd=11173199&player_id=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&sh_adhsu=0&player_type=publisher&player_engine=native&device_size=small&publisherid=&gdpr=1&sh_wilt=1621655095&sh_shcn=a&sh_ss=[SH_SS]&sh_pvr=0.2&sas_ontid=[sas_ontid]&pageurl=https%3A%2F%2Fask.fm
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.6.13 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx/1.18.0
content-length
43
content-type
image/gif
prebid.v1.js
static.showheroes.com/ Frame D7A9 		272 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/prebid.v1.js
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/pubtag.js?rnd=05834558233378395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a4705fdb580e2e4a07465c93e15812fc8f9ba210ed3cf884a19e540348817305

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:55 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 10:39:39 GMT
etag
"1621507179"
x-hw
1621655095.dop122.fr8.t,1621655095.cds283.fr8.hn,1621655095.cds016.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
89493
652294
mc.yandex.com/watch/ 		148 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A1%3Als%3A1164714648799%3Ahid%3A816800526%3Az%3A120%3Ai%3A20210522054454%3Aet%3A1621655095%3Ac%3A1%3Arn%3A655745187%3Au%3A1621655093990692247%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621655092436%3Anp%3ATGludXggeDg2XzY0%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621655095%3At%3Amayervfxarsenault%20(%40joinsleet68438)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
176e4029787198a3a9f1a28252d1caaad487fa0ecc0b81c85647f243eb205c42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
x-content-type-options
nosniff
last-modified
Sat, 22-May-2021 03:44:55 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
148
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:55 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame D7A9 		2 KB
1011 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210522
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/prebid.v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
629ae7ea2d3b37d20dbe091139a589730f71f03dcc7e96b26625a1186944788e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
37452
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
942
etag
W/"69c-E36ZA3rHOjYEqJ4zLEUELdsGSgU"
x-served-by
cache-fra19182-FRA
date
Sat, 22 May 2021 03:44:55 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
sync_cookie_image_check
mc.yandex.com/ 		43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_check
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:55 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif
1
mc.yandex.com/watch/652294/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294/1?page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A1%3Als%3A1164714648799%3Ahid%3A816800526%3Az%3A120%3Ai%3A20210522054455%3Aet%3A1621655095%3Ac%3A1%3Arn%3A1069364224%3Au%3A1621655093990692247%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621655092436%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621655095
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
last-modified
Sat, 22-May-2021 03:44:55 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:55 GMT
652294
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294?page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A1%3Als%3A1164714648799%3Ahid%3A816800526%3Az%3A120%3Ai%3A20210522054455%3Aet%3A1621655095%3Ac%3A1%3Arn%3A467113488%3Au%3A1621655093990692247%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621655092436%3Ads%3A1%2C292%2C188%2C1%2C0%2C0%2C%2C139%2C96%2C936%2C936%2C3%2C624%3Adsn%3A1%2C293%2C187%2C1%2C0%2C0%2C%2C142%2C95%2C936%2C936%2C3%2C625%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621655095%3At%3Amayervfxarsenault%20(%40joinsleet68438)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
last-modified
Sat, 22-May-2021 03:44:55 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:55 GMT
analytics.js
www.google-analytics.com/ Frame 2237 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4683
date
Sat, 22 May 2021 02:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 22 May 2021 04:26:52 GMT
ads-async.js
ad.mail.ru/static/ Frame 2237 		197 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
66d1c7aa064387309678f78ae89291315e156ae7a6247f84b8813cd2a23d9318

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
197
Expires
Sat, 22 May 2021 03:54:55 GMT
AdRiverFPS_MV.js
content.adriver.ru/banners/0007207/0007207973/0/ Frame 2237 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=7c1ac03fc5d0aff7f209
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.222.14.222 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:55 GMT
last-modified
Fri, 09 Apr 2021 14:49:31 GMT
server
nginx
etag
"6070697b-26a8"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
9896
expires
Sat, 22 May 2021 04:44:55 GMT
389706
ad.mail.ru/vast/ Frame 2237 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=4657049&sc=2453591051&dl=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3D23Vi%252Fovg%252FvKGA9q%252BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%252BWxYx7zdhIpCnl4N5%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fjoinsleet68438%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1661
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
p.min.js
cdn.xplosion.de/adp/profiling/0.2.68/ Frame B1EA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xplosion.de/adp/profiling/0.2.68/p.min.js
Requested by
Host: dyn.emetriq.de
URL: https://dyn.emetriq.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:e:29d5:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b545ba8ec738538426fee411cf45788a539a6332baea682257b1e2f371e54d

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
f253FphS_ziourJz9_bIKI1XXEOokBYM
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 11:36:26 GMT
server
AmazonS3
age
40429
etag
W/"e896f28601649705582330a5315e7ab7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, no-transform, public
date
Fri, 21 May 2021 16:31:07 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
V7qaefjYRw8UFdRGbmzLW_EmAnFm5icuQ-1px87qhZ-4hS1uTOO7VA==
data
ups.xplosion.de/ Frame B1EA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ups.xplosion.de/data?title=&hostSiteUrl=https%3A%2F%2Fask.fm%2Fjoinsleet68438&userAgent=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&userLang=en-US&color=24&os=Linux%20x86_64&timezone=-2&screen=1200x1600&event_id=page_view&gdpr=&gdpr_consent=&gdpr_success=1&gdpr_path=d&gdpr_is_ifr=true&gdpr_cmp_loc_1=false&gdpr_cmp_loc_2=false&_rfs=1&_sid=44907&_ver=0.2.68&_seg=jsonp&_=204151903675
Requested by
Host: cdn.xplosion.de
URL: https://cdn.xplosion.de/adp/profiling/0.2.68/p.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.54.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-54-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
daeb0df05d7e39e586d104948b94e640325bf2317685789c20286e6838efda6c

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 22 May 2021 03:44:55 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
1300
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"
Cookie set conversion
ask.fm/signup/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/signup/conversion
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.147 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
9f368bc5df489c49027f1f7d8f230089da338905fdfea2133e5f2314bd25f68f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
locale=en; uuid=c80b9fb9-eb36-40af-8162-fd1f3bc66f97; country=DE; traffic_source=organic; _m_ask_fm_session=Rk9WYWRld1FDN0haaUlQUk1KSEh1K0VIQVVUNlZ4U2NPcll0eXl4RHlZQ21teW5QVWlRSm5qRmUvY2RGOFA5UFNjV1daVGlNT3kyN0dKRHlKYXVma0dtVjhTT09uM05hU2RWREI0Z3BzTTAxeC9SR0E2Zm05b0x3cDArUmFGME5yck1weGhtc2R0K09iajNaVGRubE40dFo3RE1Ub09DWHlSQ0FvWVJ6N3VKZ0hjdzVIbUxLaVd1emlhY1R4b1JxckpzTnE5NW1ZU1VaRHRSR25mWHVpdjhRK3RPZStlTklZOVBFb0liNU9RQ2hWZ2hRb1dQYWdxTlR5Z1UxaXd6bS0tR2NQNk5NZFBad2Y0NXJYblBwb1VrUT09--eea450c0bb8e85acf0a3c370c11266272b6b46f2; _ym_uid=1621655093990692247; _ym_d=1621655093; _ym_isad=2; _ga=GA1.2.1706668700.1621655093; _gid=GA1.2.1637811573.1621655093; _gat_UA-12308109-15=1; _ym_visorc=w
Connection
keep-alive
Referer
https://ask.fm/joinsleet68438
Accept
*/*
Referer
https://ask.fm/joinsleet68438
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
ETag
W/"06a55a578e9542fa61b73e7734f23050"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Status
200 OK
Set-Cookie
locale=en; path=/; expires=Sun, 22 May 2022 09:44:55 -0000 tutm=utm_medium%3Dconversion_desktop_personalization_19; path=/; expires=Mon, 24 May 2021 03:44:55 -0000 _m_ask_fm_session=ekVKWjBicTNmblpvSmdzRm9vT3pHaU1nK2xKbWdQL3piS29oU1FNb0orWVNBY3R0c0ZoVjBjeTRPS0ZYclhxalhPd21pQzUwdktBZXBuOHdWWXdJaURIZjlVaGk2RUFGTlVnb21tNDFjclRORVhyOHdlRUdZK20wdTAzR0p2d3czWVNmc1VVck95ZllKaE5VNkQ2b21MNm5aT05lMnJvRjd3ZDB6dUEvNENTbGNSSHdsZjhFUDgzZ1l3cUpmVDdYekVlUlZnV2cwMlBST1ozTmF2T2ZUemp6SExocFdlQlNJUFB4cithclYvS3BWYjhDV3NyMy9BOXduUkc1Qlg5YjdVcVM4REUwZ2wyeXRjbTFEYk5Yd0E9PS0tVHR6VkNLcDNrN1FRcjZWZkh4U3FlQT09--071d9ed0a45bd272409b3f45ee8f57acba85e0bf; path=/; expires=Tue, 25 May 2021 03:44:55 -0000; secure; HttpOnly
Cache-Control
max-age=0, private, must-revalidate
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
X-XSS-Protection
1; mode=block
362146
ad.mail.ru/vast/ Frame 2237 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=98648&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fjoinsleet68438
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
04C5EF.js
r.mradx.net/img/BD/ Frame 2237 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.mradx.net/img/BD/04C5EF.js
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:db00::28 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ea28e1aaa70b7a1ef1e0e6d4f64e1104742ced233b3ee7b2d131f033cca66bca

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 09:46:15 GMT
Server
nginx
ETag
W/"60892ee7-1dc47"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 31 Dec 2037 23:55:55 GMT
json.cgi
ad.adriver.ru/cgi-bin/ Frame 2237 		384 B
1022 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=0;303=unavail;304=0;305=7c1ac03fc5d0aff7f209;306=;307=;308=0;309=0
Requested by
Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=7c1ac03fc5d0aff7f209
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.46 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
ec023248e603b84816e2a3e33039064f1ddfcc5f6f48484205e83fabe3597f40

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:44:55 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
adx.adform.net/adx/ Frame D7A9 		5 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwNTA1ODUmY3VycmVuY3k9RVVSJnRyYW5zYWN0aW9uSWQ9YjY5NmM3MjgtZWYxOC00OWE0LThjODgtMjZiMzA1ODRmMzZkJnJjdXI9RVVS&pt=gross&stid=12a655c2-e865-4d9c-95df-0d05fd1212b2&gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&fd=1
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/prebid.v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
48953915
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=450064314&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655096%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054455%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655096
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
last-modified
Sat, 22-May-2021 03:44:55 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:55 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=326916196&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1621655096%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054455%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655096
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:55 GMT
last-modified
Sat, 22-May-2021 03:44:55 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:55 GMT
noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png
d3r6ceqp4shltl.cloudfront.net/assets/ 		956 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 11:15:13 GMT
via
1.1 ba7789e51500bb7b69a0c33a90aec411.cloudfront.net (CloudFront)
age
7403382
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
956
last-modified
Wed, 06 Sep 2017 12:36:34 GMT
server
Ask.FM Web Service
etag
"59afebd2-3bc"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
x-amz-cf-id
W4VeM8Kxxe6QQTug5f19L_YjFL_bR1KzuqD5NlNVEcnHwCW6m8UQsQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png
d3r6ceqp4shltl.cloudfront.net/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 17:07:55 GMT
via
1.1 ba7789e51500bb7b69a0c33a90aec411.cloudfront.net (CloudFront)
age
2543820
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
2309
last-modified
Wed, 28 Oct 2020 11:38:17 GMT
server
Ask.FM Web Service
etag
"5f995829-905"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
x-amz-cf-id
tEdYLDbkP1SY3pnCKajXxMXO8jMq2oOvaD5L06k3A5hKmsOa7ntxnA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png
d3r6ceqp4shltl.cloudfront.net/assets/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:a200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 11:14:52 GMT
via
1.1 ba7789e51500bb7b69a0c33a90aec411.cloudfront.net (CloudFront)
age
7403403
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
3404
last-modified
Wed, 28 Oct 2020 11:38:17 GMT
server
Ask.FM Web Service
etag
"5f995829-d4c"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
x-amz-cf-id
ZZIx-cKkcwVo_K5tpx-5vGtDSERDIuqUd9Sb4-WoR-63JZ4xFhXDaQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
ad.mail.ru/adq/ Frame 2237 		83 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1621655095648&q=199847&_=557885267
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/BD/04C5EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
481c2637eba792334c80a394cc132c5886768484adc4780725c60dd3301de183

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=23Vi%2Fovg%2FvKGA9q%2BAhLwWkk9WFZ0xjZqE5y6hDQGG9MGvkK%2BWxYx7zdhIpCnl4N5&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:55 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1699
date
Sat, 22 May 2021 03:44:55 GMT
content-encoding
gzip
vary
Accept-Encoding
optad360.js
serving.stat-rock.com/player/ 		303 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
37afcc50aed647983a6e055ccfdcb8ffb5edc9f759d42330a10edb6585f971f7

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:44:56 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 07:13:31 GMT
server
nginx
etag
W/"609b801b-4bbf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1
  • https://mug.criteo.com/sid?cpp=tp6YGXxPY2JubFd0eHBMZjlXd1hHNGhVL3hUYTJObHA2VmhTVU9OaTBSbGgvM015OTN6dHBzdDVqRVdMSVd4bllFcmxWejAyUi84Rkxja1htc051WnRWNnpiVVJMalNoUDJwczVva1FMaDVvWm1acVhrTzBDeFQ3ZWk1Z0...
312 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tp6YGXxPY2JubFd0eHBMZjlXd1hHNGhVL3hUYTJObHA2VmhTVU9OaTBSbGgvM015OTN6dHBzdDVqRVdMSVd4bllFcmxWejAyUi84Rkxja1htc051WnRWNnpiVVJMalNoUDJwczVva1FMaDVvWm1acVhrTzBDeFQ3ZWk1Z0NBd1BZT2NQNk1SRTBvaUdpcmJ0a2FnQW52cUllcG5JcnVkbC9YcW04TWxFUmp1a3pLcjViRkdhQTJFVEZ4WGs5TG5KZ0UyNi94TjhaTjdwWWFEZTBzTHlHY2tuYlhRPT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
292ab8ef047b7364917cd0f03edc26e84db920b18ec8d704ecc7e87e64cfdc03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 22 May 2021 03:44:56 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1753
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 22 May 2021 03:44:56 GMT
location
https://mug.criteo.com/sid?cpp=tp6YGXxPY2JubFd0eHBMZjlXd1hHNGhVL3hUYTJObHA2VmhTVU9OaTBSbGgvM015OTN6dHBzdDVqRVdMSVd4bllFcmxWejAyUi84Rkxja1htc051WnRWNnpiVVJMalNoUDJwczVva1FMaDVvWm1acVhrTzBDeFQ3ZWk1Z0NBd1BZT2NQNk1SRTBvaUdpcmJ0a2FnQW52cUllcG5JcnVkbC9YcW04TWxFUmp1a3pLcjViRkdhQTJFVEZ4WGs5TG5KZ0UyNi94TjhaTjdwWWFEZTBzTHlHY2tuYlhRPT18&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2585
content-length
455
expires
0
v2
i.connectad.io/api/ 		0
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 May 2021 03:44:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
65330c81da092bca-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a33c6252400002bcaf599f000000001
/
adx.adform.net/adx/ 		10 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTQ2MGRhZDhmLWFhNmMtNDMzMy1iMThmLTRiYWQ5ZjkyYTM2NyZyY3VyPVBMTg%3D%3D&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTYzN2VmMDk3LTZkNjctNGFhMi1hNWRiLTY0OGRhOTQ0ZmMzOCZyY3VyPVBMTg%3D%3D&pt=gross&stid=a08c5de3-df0a-409c-88c6-1a21b9b53c56&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:56 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
10
expires
-1
prebid-request
onetag-sys.com/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
455ff99b45ba132c5cd521e36dd4d04f77d20b0a64082605d94db568c5387dd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ask.fm
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
2717
cygnus
htlb.casalemedia.com/ 		24 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%228637aeaf82f083%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fjoinsleet68438%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.28.0%22%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2290a6ecdf905c9b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2290a6ecdf905c9b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2290a6ecdf905c9b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d973bc3a245ab698841862508843bed6687f2b9e961bc953d08372621d6e674c

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:56 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[159.48.53.239], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ask.fm
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Sat, 22 May 2021 03:44:56 GMT
c
prebid.a-mo.net/a/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:44:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c3489c8606f797eedd2c4bc2102fbd7ca7c17028f09c94062e25de95845ef465
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 22 May 2021 03:44:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
159.48.53.239; 159.48.53.239; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.15:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d51af2d5-3e0e-4dc2-84ec-e1e02235fa6e
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7bd27ed5450668d94d6aaf15775d2f9c6753feec722c4f922b16a4ce1da128a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:44:56 GMT
X-Proxy-Origin
159.48.53.239; 159.48.53.239; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.148:80
AN-X-Request-Uuid
7f480854-b425-43fb-9b17-7bf7d50eb385
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
261
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tp6YGXxPY2JubFd0eHBMZjlXd1hHNGhVL3hUYTJObHA2VmhTVU9OaTBSbGgvM015OTN6dHBzdDVqRVdMSVd4bllFcmxWejAyUi84Rkxja1htc051WnRWNnpiVVJMalNoUDJwczVva1FMaDVvWm1acVhrTzBDeFQ3ZWk1Z0NBd1BZT2NQNk1SRTBvaUdpcmJ0a2FnQW52cUllcG5JcnVkbC9YcW04TWxFUmp1a3pLcjViRkdhQTJFVEZ4WGs5TG5KZ0UyNi94TjhaTjdwWWFEZTBzTHlHY2tuYlhRPT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1140
date
Sat, 22 May 2021 03:44:55 GMT
content-encoding
gzip
vary
Accept-Encoding
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Cookie set joinsleet68438
ask.fm/ 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/joinsleet68438
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.147 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
48335c5615c17e3b12e1afa28a477ce237a156da94bd1342732f400956bc15b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/joinsleet68438
Cookie
locale=en; uuid=c80b9fb9-eb36-40af-8162-fd1f3bc66f97; country=DE; traffic_source=organic; _ym_uid=1621655093990692247; _ym_d=1621655093; _ym_isad=2; _ga=GA1.2.1706668700.1621655093; _gid=GA1.2.1637811573.1621655093; _gat_UA-12308109-15=1; _ym_visorc=w; tutm=utm_medium%3Dconversion_desktop_personalization_19; _m_ask_fm_session=ekVKWjBicTNmblpvSmdzRm9vT3pHaU1nK2xKbWdQL3piS29oU1FNb0orWVNBY3R0c0ZoVjBjeTRPS0ZYclhxalhPd21pQzUwdktBZXBuOHdWWXdJaURIZjlVaGk2RUFGTlVnb21tNDFjclRORVhyOHdlRUdZK20wdTAzR0p2d3czWVNmc1VVck95ZllKaE5VNkQ2b21MNm5aT05lMnJvRjd3ZDB6dUEvNENTbGNSSHdsZjhFUDgzZ1l3cUpmVDdYekVlUlZnV2cwMlBST1ozTmF2T2ZUemp6SExocFdlQlNJUFB4cithclYvS3BWYjhDV3NyMy9BOXduUkc1Qlg5YjdVcVM4REUwZ2wyeXRjbTFEYk5Yd0E9PS0tVHR6VkNLcDNrN1FRcjZWZkh4U3FlQT09--071d9ed0a45bd272409b3f45ee8f57acba85e0bf; _pbjs_userid_consent_data=6683316680106290; cto_bidid=fSlnT19zeTQwTEpFQWo5bWtISkFVZzlHN045akklMkY1S0FhVUI1ZEJlVDBZcHlsYTVpRFh3VVFPN2x4eVhxcmhqMldER0V5N3JnZkhCS0FUSDE5cEwxdEU0YnFnJTNEJTNE; cto_bundle=n4CGMV9MbDBRdGVrNiUyRklVRTZxR0xHZVFLZFFTbWZTVElJRXR3WFl0N1laV2pCRGpOWjhySk9iQ1dDa1BBdnB1Ym9HTUZHOWkzQ2NCUzhEQXdJVEFtVG5KM1dUVHMzRnBjNHVlNkg1dkhkc20xMU9BJTNE
Connection
keep-alive
Referer
https://ask.fm/joinsleet68438
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
ETag
W/"8c15245a2cec99efb295e6b46f7fc186"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Status
200 OK
Set-Cookie
locale=en; path=/; expires=Sun, 22 May 2022 09:44:56 -0000 _m_ask_fm_session=T1BpV2NDbmVEVThMQVFNVnd4Q3NmOFBjSGx6TDRJelIvdkNsbGpIWHRHMEpuZXZ3bnI2MG5rZDV2YWllWTRONFJaKzZNZWpjUVEyMzN6cWYzYW9uTWlUNTJweExVM2d1blBjNU5zQ0xDZnlOZXpkdWxzS0MweDFBZDNhNitOR2hmZVdzaG5YTFlTUXNsbkJJVXdldm1jRG53QUMzZzl0TnZ0OVFKT3FXZnorRGlqeU1kSTE1ODR5Rlpucmt2Y2R0SmlGemRSN2ltQ3liNmx0MlNMRTRpVytSdytIUlNKcGlOZEpCMlowVnBNR2FLemxJWnA0b3NwVC9pSmdNTlptTi0taGhGeDByN2FKMTI3UHBSbURTTG1zUT09--6028c167d61635ce481ef8d1d8d43177f7479e9e; path=/; expires=Tue, 25 May 2021 03:44:57 -0000; secure; HttpOnly
Cache-Control
max-age=0, private, must-revalidate
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/ 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1621655096908.5205&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fjoinsleet68438&t=261&v=88&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.6458497107105312
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://ask.fm
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:44:56 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1621655096908.5205&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fjoinsleet68438&t=268&v=88&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.2998669453307665
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://ask.fm
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:44:56 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
Cookie set joinsleet68438
ask.fm/ 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/joinsleet68438
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.147 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
1482d87261f54349ef673cf4a046b4f8bd04d264fd3d55ffe780fe4961d4cb84
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/joinsleet68438
Cookie
locale=en; uuid=c80b9fb9-eb36-40af-8162-fd1f3bc66f97; country=DE; traffic_source=organic; _ym_uid=1621655093990692247; _ym_d=1621655093; _ym_isad=2; _ga=GA1.2.1706668700.1621655093; _gid=GA1.2.1637811573.1621655093; _gat_UA-12308109-15=1; _ym_visorc=w; tutm=utm_medium%3Dconversion_desktop_personalization_19; _pbjs_userid_consent_data=6683316680106290; cto_bidid=fSlnT19zeTQwTEpFQWo5bWtISkFVZzlHN045akklMkY1S0FhVUI1ZEJlVDBZcHlsYTVpRFh3VVFPN2x4eVhxcmhqMldER0V5N3JnZkhCS0FUSDE5cEwxdEU0YnFnJTNEJTNE; cto_bundle=n4CGMV9MbDBRdGVrNiUyRklVRTZxR0xHZVFLZFFTbWZTVElJRXR3WFl0N1laV2pCRGpOWjhySk9iQ1dDa1BBdnB1Ym9HTUZHOWkzQ2NCUzhEQXdJVEFtVG5KM1dUVHMzRnBjNHVlNkg1dkhkc20xMU9BJTNE; _m_ask_fm_session=T1BpV2NDbmVEVThMQVFNVnd4Q3NmOFBjSGx6TDRJelIvdkNsbGpIWHRHMEpuZXZ3bnI2MG5rZDV2YWllWTRONFJaKzZNZWpjUVEyMzN6cWYzYW9uTWlUNTJweExVM2d1blBjNU5zQ0xDZnlOZXpkdWxzS0MweDFBZDNhNitOR2hmZVdzaG5YTFlTUXNsbkJJVXdldm1jRG53QUMzZzl0TnZ0OVFKT3FXZnorRGlqeU1kSTE1ODR5Rlpucmt2Y2R0SmlGemRSN2ltQ3liNmx0MlNMRTRpVytSdytIUlNKcGlOZEpCMlowVnBNR2FLemxJWnA0b3NwVC9pSmdNTlptTi0taGhGeDByN2FKMTI3UHBSbURTTG1zUT09--6028c167d61635ce481ef8d1d8d43177f7479e9e
Connection
keep-alive
Referer
https://ask.fm/joinsleet68438
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:44:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
ETag
W/"38287806a0e773bd4be0a6d21ecfe7f5"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Status
200 OK
Set-Cookie
locale=en; path=/; expires=Sun, 22 May 2022 09:44:57 -0000 _m_ask_fm_session=YzNDUytDSlFucXRsYVA3R1UyRElEd2xLbG1qekt6NGg4cUpJWGpUREFmd2kwaVpkRHE4clFtWjNjSEtSZUtwZXVBY1o2aG1yZERQVVVrSDF1OFFXZWIrL04vVlZaY2FTSEJDclVydzc2Q1RmVjhFOTFVbmU1REoyb2lDZXJGRjRlRHVON3FKdDJtaHlDNU9sTmVvbHRjRERwUFJwcUFWTjNhNVY1YUlQUmsyVG1uUzR6TE5sVE5MYmRIQ1VKQ0pPbllyMFlBSkJ2ZUJZTE1mQVRzNzJwRWZQVWJUMGFNZHhYcXJhM2JTY2FMRUtEOUM4LzRVdDgvK3J3NXh0ZXBkbC0tazRyVmFtNXdrcVltODNLWEdPdmYzUT09--b4a2b3f31be83f05b2528a4a8d462a9c80d8afea; path=/; expires=Tue, 25 May 2021 03:44:57 -0000; secure; HttpOnly
Cache-Control
max-age=0, private, must-revalidate
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1621655096908.5205&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fjoinsleet68438&t=425&v=88&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.21936817697335687
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://ask.fm
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:44:57 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1621655096908.5205&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fjoinsleet68438&t=602&v=88&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.019042475333201025
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://ask.fm
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:44:57 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1621655096908.5205&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fjoinsleet68438&t=602&v=88&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.35147218641485445
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin
https://ask.fm
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:44:57 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
48953915
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=546725104&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655098%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054457%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655098
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:57 GMT
last-modified
Sat, 22-May-2021 03:44:57 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:57 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=101314914&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1621655098%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054457%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655098
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:57 GMT
last-modified
Sat, 22-May-2021 03:44:57 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:57 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=1040092342&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655100%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054459%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655100
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:44:59 GMT
last-modified
Sat, 22-May-2021 03:44:59 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:44:59 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame F9E4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ask.fm/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 22 May 2021 03:44:59 GMT
Content-Length
1151
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1BAE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=2041951535173767810; icu=ChgIm7tdEAoYASABKAEwuPyhhQY4AUABSAEQuPyhhQYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ask.fm/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sun, 23 May 2021 03:45:01 GMT
Date
Sat, 22 May 2021 03:44:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame B11A 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ask.fm/

Response headers

date
Sat, 22 May 2021 03:44:59 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
cf-request-id
0a33c6320400002bcaed86e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65330c966e112bca-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
/
onetag-sys.com/usync/ Frame AA25 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1621655096652
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1621655096652
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
async_usersync
ib.adnxs.com/ Frame 1BAE 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:44:59 GMT
X-Proxy-Origin
159.48.53.239; 159.48.53.239; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.49:80
AN-X-Request-Uuid
96e6affb-5918-4123-9337-f3311793dde4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 84F6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
50f1ba123cf1064830f37bc627a2a2d0413844c2500fa8c8b8087ba56fd17240

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YKh.O0WQ3lzt3xAvGjy3nAAA; CMPS=3200
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|13|88|4|218
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1915
Expires
Sat, 22 May 2021 03:45:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 22 May 2021 03:45:00 GMT
Connection
keep-alive
Set-Cookie
CMID=YKh.O0WQ3lzt3xAvGjy3nAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 22 May 2022 03:45:00 GMT CMPS=3200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 20 Aug 2021 03:45:00 GMT CMPRO=1188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 20 Aug 2021 03:45:00 GMT CMRUM3=0460a87e3c05a0&e660a87e3c2760&2760a87e3c0b40&2d60a87e3c05a0&f160a87e3c05a0&5860a87e3c05a0&0d60a87e3c05a0&da60a87e3c2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 22 May 2022 03:45:00 GMT CMST=YKh+PGCofjwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 23 May 2021 03:45:00 GMT

Redirect headers

Server
Apache
Content-Length
329
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 22 May 2021 03:44:59 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 22 May 2021 03:44:59 GMT
Connection
keep-alive
Set-Cookie
CMID=YKh.O0WQ3lzt3xAvGjy3nAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 22 May 2022 03:44:59 GMT CMPS=3200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 20 Aug 2021 03:44:59 GMT
1
sync-eu.connectad.io/syncer/ Frame B074 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
sync-eu.connectad.io
:scheme
https
:path
/syncer/1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.connectad.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.connectad.io/

Response headers

date
Sat, 22 May 2021 03:45:00 GMT
set-cookie
id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control
no-cache, private
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a33c6325200002bca31b31000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65330c96eee82bca-FRA
casale
match.adsrvr.org/track/cmf/ Frame 84F6 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YKh.O0WQ3lzt3xAvGjy3nAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 84F6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YKh.O0WQ3lzt3xAvGjy3nAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YKh.O0WQ3lzt3xAvGjy3nAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDk99pbDmNNSxVLcBbKrrAw&google_cver=1&gdpr=1&google_hm=2
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDk99pbDmNNSxVLcBbKrrAw&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 22 May 2021 03:45:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDk99pbDmNNSxVLcBbKrrAw&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 84F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDz23OXEe2uQgy18rqFaPyI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDz23OXEe2uQgy18rqFaPyI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 22 May 2021 03:45:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDz23OXEe2uQgy18rqFaPyI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 84F6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:00 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:00 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKh-O0WQ3lzt3xAvGjy3nAAABKQAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 84F6
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06422204078cf73627701e08&expiration=[EXPIRATION]&gdpr=1
43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06422204078cf73627701e08&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 22 May 2021 03:45:00 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06422204078cf73627701e08&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 22 May 2021 03:45:00 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
rum
dsum-sec.casalemedia.com/ Frame 84F6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YKh_PAABNgiMfQA4
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YKh_PAABNgiMfQA4&gdpr=1&_test=YKh_PAABNgiMfQA4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YKh_PAABNgiMfQA4&gdpr=1&_test=YKh_PAABNgiMfQA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 22 May 2021 03:45:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1621655100.149808,VS0,VE0
x-served-by
cache-hhn4047-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YKh_PAABNgiMfQA4&gdpr=1&_test=YKh_PAABNgiMfQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 84F6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3477389406791442099
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3477389406791442099
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 22 May 2021 03:45:00 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3477389406791442099
pragma
no-cache
date
Sat, 22 May 2021 03:44:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=23728&dpuuid=YKh.O0WQ3lzt3xAvGjy3nAAA%261188
dpm.demdex.net/ Frame 84F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YKh.O0WQ3lzt3xAvGjy3nAAA%261188?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.89.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 84F6 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YKh.O0WQ3lzt3xAvGjy3nAAA%261188
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:00 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2660
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 22 May 2021 04:29:20 GMT
async_usersync
ib.adnxs.com/ Frame 1BAE 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:00 GMT
X-Proxy-Origin
159.48.53.239; 159.48.53.239; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.110:80
AN-X-Request-Uuid
db6f9981-0e1f-4079-9462-166c827df055
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=4&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=2676273&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655102%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054501%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655102
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:01 GMT
last-modified
Sat, 22-May-2021 03:45:01 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:45:01 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=5&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=733455636&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655104%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054503%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655104
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:03 GMT
last-modified
Sat, 22-May-2021 03:45:03 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:45:03 GMT
report-integration
receiver-hetzner.showheroes.com/events/ Frame 6665 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://receiver-hetzner.showheroes.com/events/report-integration?event=error&rnd=41774644&player_id=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&sh_adhsu=0&player_type=publisher&sh_pvr=[SH_PVR]&pageurl=https%3A%2F%2Fask.fm&errcode=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.6.13 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:04 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx/1.18.0
content-length
43
content-type
image/gif
advast
ice.360yield.com/ Frame 6665 		27 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22297298&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fask.fm&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.9.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:45:04 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzUyMDABVS7K5Q4_fA%3D%3D.3.wp3sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:04 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzY4NjAurvyWUMvxHw%3D%3D~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzY4NjAurvyWUMvxHw%3D%3D~wp2sc1%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%2210003%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:04 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
s.richaudience.com/vid/MP_Ua8BIWjxkR/1621655094/ Frame 6665 		160 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/vid/MP_Ua8BIWjxkR/1621655094/?hasConsent=1&consentString=&mref=https%3A%2F%2Fask.fm&fp=130
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.145.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:04 GMT
content-encoding
gzip
server
nginx/1.10.3
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-max-age
86400
access-control-allow-credentials
true
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzU0MDa7VgRR7a8xUg%3D%3D.4.wp4sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:04 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzUyMDABVS7K5Q4_fA%3D%3D~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyMDABVS7K5Q4_fA%3D%3D~wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:04 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
280206
search.spotxchange.com/vast/2.0/ Frame 6665 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/280206?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm&cb=1621655094&player_width=432&player_height=243&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:04 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000261
X-SpotX-Timing-SpotMarket
0.006275
X-SpotX-Timing-Page-Mux
0.000188
X-SpotX-Timing-Page-Require
0.000309
X-fe
121
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
Content-Length
77
X-SpotX-Timing-Page
0.014432
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.004129
Last-Modified
Sat, 22 May 2021 03:45:04 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.006275
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.003236
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzQ2MTeod_MMFFFGiw%3D%3D.5.wp5sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:04 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp4sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:04 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 6665 		67 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12944625&domain=ask.fm&loc=ask.fm&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:05 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1621655104678055-406
Expires
Sat, 22 May 2021 03:45:05 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzU5OTFLbsN7sM8Taw%3D%3D.6.wp6sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:04 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzQ2MTeod_MMFFFGiw%3D%3D~wp5sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ2MTeod_MMFFFGiw%3D%3D~wp5sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
ac
www8.smartadserver.com/ Frame 6665
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1238067&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621655094&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schai...
  • https://www8.smartadserver.com/ac?siteid=115779&pgid=1238067&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621655094&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schai...
129 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=115779&pgid=1238067&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621655094&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:04 GMT
location
https://www8.smartadserver.com/ac?siteid=115779&pgid=1238067&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621655094&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzUyNDCgoZrQWVFFBg%3D%3D.7.wp7sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzU5OTFLbsN7sM8Taw%3D%3D~wp6sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5OTFLbsN7sM8Taw%3D%3D~wp6sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
shim.gif
creatives.sascdn.com/ Frame 6665 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:05 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
Apache
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sun, 22 May 2022 03:45:05 GMT
/
ads.viralize.tv/d-vast/ Frame 6665 		71 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/d-vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1655093997&sid=01ebbab011c7648c8b2a7f0c93bfdab1&experiment=ops.v&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%220179922d043c7868c2b3a09b07c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%2C%22pub_platform%22%3A%22%22%7D&dd=ask.fm&sc=1&gdpr=1&cmp=unavailable&wfp=8&rcx=460.17321230.1.12
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
ptv
secure.adnxs.com/ Frame 6665 		27 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=19417514&vplaybackmethod=2&referrer=ask.fm&gdpr=1&gdpr_consent=&cb=1621655094
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:05 GMT
X-Proxy-Origin
159.48.53.239; 159.48.53.239; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid
e6cf28f1-3836-41e2-aef6-b2253d453e37
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzUwMDnGackrDE7nIQ%3D%3D.9.wp9sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzUyNDCgoZrQWVFFBg%3D%3D~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyNDCgoZrQWVFFBg%3D%3D~wp7sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 6665
Redirect Chain
  • https://viralize-d.openx.net/v/1.0/av?auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzUyOThBlHuZbvhO6A%3D%3D.11.wp11sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzUwMDnGackrDE7nIQ%3D%3D~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUwMDnGackrDE7nIQ%3D%3D~wp9sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
av
viralize-d.openx.net/v/1.0/ Frame 6665
Redirect Chain
  • https://viralize-d.openx.net/v/1.0/av?auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
48 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 22 May 2021 03:45:05 GMT
via
1.1 google
server
OXGW/16.207.0
location
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
viralize-d.openx.net/v/1.0/ Frame 6665
Redirect Chain
  • https://viralize-d.openx.net/v/1.0/av?auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
48 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 22 May 2021 03:45:05 GMT
via
1.1 google
server
OXGW/16.207.0
location
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171639&url=ask.fm&cb=1621655094&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
content-length
0
/
adx.adform.net/adx/ Frame 6665 		65 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=952575&t=2&url=https%3A%2F%2Fask.fm&gdpr=1&gdpr_consent=&w=432&h=243&t=1&random=1621655094
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzU5MDKSqlOoe6ZXZA%3D%3D.12.wp12sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzUyOThBlHuZbvhO6A%3D%3D~wp11sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyOThBlHuZbvhO6A%3D%3D~wp11sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 6665 		965 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cf1953618b36785249add7003964bb34c56d35321a8c9282081584f398cad0db

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b1869b8fc7b9"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
597
expires
Sat, 22 May 2021 03:45:05 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab011c7648c8b2a7f0c93bfdab1&item=YWRuXzQ3MzHWonrNMPHyzQ%3D%3D.14.wp14sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-done/ Frame 6665 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzQ3MzHWonrNMPHyzQ%3D%3D&sc=wp14sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ebbab011c7648c8b2a7f0c93bfdab1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame DA8F 		150 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.fabab513.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 07:24:19 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-257f0-5b82218515d54"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
35684
/
ads.viralize.tv/track/ Frame 6665 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzU5MDKSqlOoe6ZXZA%3D%3D~wp12sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5MDKSqlOoe6ZXZA%3D%3D~wp12sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ebbab011c7648c8b2a7f0c93bfdab1%3A0%3AYWRuXzQ3MzHWonrNMPHyzQ%3D%3D~wp14sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame B435 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ask.fm/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=165317
expires
Mon, 24 May 2021 01:40:22 GMT
date
Sat, 22 May 2021 03:45:05 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame DA8F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
last-modified
Tue, 11 May 2021 05:24:02 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-96ca-5c2071a26cca4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=165317
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13964
expires
Mon, 24 May 2021 01:40:22 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B435 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20165946&p=156962&s=662277&a=2645917&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e1a29ecddec2d9746e50937af3d751f05618d02a5bc17b1fd7acab87e2d9ff61

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:04 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
48953915
mc.yandex.com/webvisor/ 		43 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=6&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=122319515&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655106%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054505%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655106
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
last-modified
Sat, 22-May-2021 03:45:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:45:05 GMT
match
c1.adform.net/serving/cookie/ Frame 295A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0EDF2059-C159-48CF-B531-C28544A48CAF
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0EDF2059-C159-48CF-B531-C28544A48CAF
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0EDF2059-C159-48CF-B531-C28544A48CAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=0EDF2059-C159-48CF-B531-C28544A48CAF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 22 May 2021 03:45:05 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1254898565766478508; expires=Wed, 21 Jul 2021 03:45:05 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 22 May 2021 03:45:05 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0EDF2059-C159-48CF-B531-C28544A48CAF
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Tue, 22 Jun 2021 03:45:05 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 4B12
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629191319307479954
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629191319307479954
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629191319307479954
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=0EDF2059-C159-48CF-B531-C28544A48CAF; chkChromeAb67Sec=1; DPSync3=1622851200%3A201_197_219%7C1621728000%3A174; SyncRTB3=1622851200%3A54_220_13_7_3_71_21_161_56%7C1622937600%3A35; KRTBCOOKIE_80=22987-CAESEAuDSojg_ZAxuLGlKcQoLNs&KRTB&16514-CAESEAuDSojg_ZAxuLGlKcQoLNs&KRTB&23025-CAESEAuDSojg_ZAxuLGlKcQoLNs; PugT=1621655105; PUBMDCID=3; KRTBCOOKIE_57=22776-1996824514442346772; KRTBCOOKIE_27=16735-uid:401060a8-7e41-4c00-b75f-df13eaaddae6&KRTB&16736-uid:401060a8-7e41-4c00-b75f-df13eaaddae6&KRTB&23019-uid:401060a8-7e41-4c00-b75f-df13eaaddae6&KRTB&23114-uid:401060a8-7e41-4c00-b75f-df13eaaddae6; KRTBCOOKIE_377=6810-cc462e86-5c6f-479e-9845-7dcb8591d3fa&KRTB&22918-cc462e86-5c6f-479e-9845-7dcb8591d3fa&KRTB&23031-cc462e86-5c6f-479e-9845-7dcb8591d3fa; KRTBCOOKIE_391=22924-7903723858986152323&KRTB&23263-7903723858986152323
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 22 May 2021 03:45:05 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-629191319307479954; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 21-Jun-2021 03:45:05 GMT; path=/ PugT=1621655105; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 21-Jun-2021 03:45:05 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 20-Aug-2021 03:45:05 GMT; path=/
x-lat
lhrpug017:0:382
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=629191319307479954
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame CA0D 		43 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 22 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
981
x-powered-by
ASP.NET
date
Sat, 22 May 2021 03:45:05 GMT
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B435
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Dt8gWcFZSM-1McKFRKSMrw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 18:57:29 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-1f78-5b232eb4914bb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=30932
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2654
expires
Sat, 22 May 2021 12:20:37 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame B435
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=acd860a8-7e41-4200-858c-ada160ba32d6
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=acd860a8-7e41-4200-858c-ada160ba32d6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 22 May 2021 03:44:58 GMT
Server
MT3 3736 915c305 master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=acd860a8-7e41-4200-858c-ada160ba32d6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 22 May 2021 03:44:57 GMT
/
loada.exelator.com/load/ Frame B435
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=0EDF2059-C159-48CF-B531-C28544A48CAF
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=cc462e86-5c6f-479e-9845-7dcb8591d3fa&icm
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
0
0
Pug
image2.pubmatic.com/AdServer/ Frame B435
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEVERjIwNTktQzE1OS00OENGLUI1MzEtQzI4NTQ0QTQ4Q0FG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:393
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B435
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAuDSojg_ZAxuLGlKcQoLNs&google_cver=1
42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAuDSojg_ZAxuLGlKcQoLNs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:391
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAuDSojg_ZAxuLGlKcQoLNs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B435 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 21 May 2021 03:45:05 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B435
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:401060a8-7e41-4c00-b75f-df13eaaddae6&gdpr=0&gdpr_consent=
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:401060a8-7e41-4c00-b75f-df13eaaddae6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:430
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 22 May 2021 03:44:58 GMT
Server
MT3 3736 915c305 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:401060a8-7e41-4c00-b75f-df13eaaddae6&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 22 May 2021 03:44:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B435
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7903723858986152323
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7903723858986152323
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7903723858986152323
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame B435
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cc462e86-5c6f-479e-9845-7dcb8591d3fa
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cc462e86-5c6f-479e-9845-7dcb8591d3fa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:442
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cc462e86-5c6f-479e-9845-7dcb8591d3fa
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame B435
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1996824514442346772&gdpr=0&gdpr_consent=
42 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1996824514442346772&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:495
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:05 GMT
X-Proxy-Origin
159.48.53.239; 159.48.53.239; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.196:80
AN-X-Request-Uuid
b9eb5c96-3bca-4edc-bedb-4af725dc249a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1996824514442346772&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
0EDF2059-C159-48CF-B531-C28544A48CAF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B435 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0EDF2059-C159-48CF-B531-C28544A48CAF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame DA8F 		27 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094&us_privacy=&cb=1621655105530&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fjoinsleet68438&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fjoinsleet68438&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-5-22%205:45:6&ranreq=0.7268658055558268&timezone=2&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame DA8F 		0
0
track
aktrack.pubmatic.com/ Frame 6665 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=662277&a=2645917&ts=1621655105&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-length
0
content-type
text/html
tags.php
pl.viadata.store/assets/ Frame DAB9 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pl.viadata.store/assets/tags.php?secured=1&language=en&page_url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&pub_sid=102415&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=ask.fm&trackdomain=logs.viadata.store&VIA_DADPOS=1&avtoken=93885&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=2&cb=1621655106130
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
59c23c6fc8beb7f98fb5639b9c646574b64c954e77ad1c6a0465a4de525f47aa

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
br
access-control-allow-credentials
true
server
nginx/1.19.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cs
rtb-msk-2.viadata.store/vast/ Frame DAB9 		71 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-msk-2.viadata.store/vast/cs?zone=102415&w=432&h=243&site=https%3A%2F%2Fask.fm%2Fjoinsleet68438&vp=2&cbb=1655106189
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
v0
vtg1.rktch.com/ Frame DAB9 		21 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&siteid=102415&cbb=1655106192
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41257.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:06 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Access-Control-Max-Age
0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
rle.cgi
ad.adriver.ru/cgi-bin/ Frame DAB9 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222536&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=1655106194&tail256=https%3A%2F%2Fask.fm%2F
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.46 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
209cc3a4ecb0d2a8bc400823f6459da16a5972bb410a7869a6cdcfd4586f6552

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:06 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://ask.fm
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/vast/ Frame DAB9 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=ask.fm&cbb=1655106195
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
71cb99479ad35307245eeb07e3506e8686e2a3c12b7f9c528fd089fd80003deb

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
vast
moevideo.biz/ Frame DAB9 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/vast?ref=viads-ask.fm&impressionAfterPaid=1&es=1&vl=1&mvis=1&referrer=https%3A%2F%2Fask.fm%2Fjoinsleet68438&cbb=1655106196
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
a160c83b724c27140f51faf8ffc7a1586239119ee081d8235e6cb9991d17263c

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:06 GMT
Content-Encoding
gzip
X-Mv-Embed-Version
1352
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.089
Pragma
no-cache
Last-Modified
Sat, 22 May 2021 03:45:06 GMT
Server
nginx
X-My-Name
s36
Access-Control-Allow-Methods
GET, POST
Content-Type
application/xml
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
X-Mv-TryCache
0
X-My-App-Time
0.001
Access-Control-Allow-Headers
Content-Type, Accept
Expires
Thu, 19 Feb 1998 13:24:18 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655106187&tid=2110
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:45:06 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655106189&tid=2106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:45:06 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655106190&tid=2552
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:45:06 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655106192&tid=2108
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:45:06 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655106193&tid=4760
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:45:06 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655106194&tid=2111
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:45:06 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655106195&tid=2555
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:45:06 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dsp
logs.viadata.store/event/ Frame DAB9 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621655106196&tid=2109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 May 2021 03:45:06 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
viralize_vpaid.min.d7315bd0.js
static.viralize.tv/ Frame 6CE3 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
86034ce77b3a6b40a35a983344766af5d5f5321ef04e81ec86cb2332d8676d66

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyxHxuxGZDgkzbQKsyqv9ajuEjm7T9MrbV8s9MKaJ3LA6_yYHidPWtOtK_po3yE6K713RoO6LTBtZfgBYSieEuI8ugKxg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
18173
last-modified
Mon, 17 May 2021 13:15:57 GMT
server
UploadServer
etag
"d7315bd0cad47e1de22db2bcee62a5da"
vary
Accept-Encoding
x-goog-hash
crc32c=LNcUbg==, md5=1zFb0MrUfh3iLbK87mKl2g==
x-goog-generation
1621257357658649
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-goog-stored-content-length
61774
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 21 Jun 2021 03:45:06 GMT
vpaid.min.js
moevideo.biz/embed/player/1661/vpaid/ Frame 26FA 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx /
Resource Hash
e3cedeedecd228caa058b365fd4dd4a40f1995c71bc979fe79827bb752bbe2b8

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 12:17:35 GMT
Server
nginx
X-My-Name
s1
ETag
W/"60758bdf-1c64"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
keep-alive
X-My-Reqtime
0.000
/
ads.viralize.tv/player/ Frame 6CE3 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1655106195&sid=01ebbab0190be806f32aac0d97bedb31&experiment=ops.v&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%220179922d043c7868c2b3a09b07c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%2C%22pub_platform%22%3A%22%22%7D&dd=ask.fm&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
6d3f9a79b2fa5b0dc0f9087b25d0675e1697de9756ea0da16ae694ed7be59ba8

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame B6F1 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
26096
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame B6F1 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 21:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23112
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34056
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 May 2022 21:19:54 GMT
polyfill.min.js
polyfill.io/v3/ Frame B6F1 		72 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
9847557
detected-user-agent
Chrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Thu, 28 Jan 2021 00:45:25 GMT
date
Sat, 22 May 2021 03:45:06 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B6F1 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117244
x-xss-protection
0
expires
Sat, 22 May 2021 03:45:06 GMT
viralize_player.min.fabab513.js
static.viralize.tv/ Frame B6F1 		620 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.fabab513.js?e=ops
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
817384cf858af3b24293ea9cdce876477a4ec2e6bd1bd37ff7d0a4012f97f8f8

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzZwiawvFQK0QGKXn3hbnc5nDg9xqsykLslK0I39OuMk8ImlvIoU94w4_QAxV0ZsQa7N617yhc2wPUEf8epnB3H6yuJBw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
182957
last-modified
Fri, 21 May 2021 11:25:00 GMT
server
UploadServer
etag
"fabab513c32ae27db080ed8283cdc6d5"
vary
Accept-Encoding
x-goog-hash
crc32c=D/dkTg==, md5=+rq1E8Mq4n2wgO2Cg83G1Q==
x-goog-generation
1621596300129205
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-goog-stored-content-length
634663
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 21 Jun 2021 03:45:06 GMT
context.js
an.yandex.ru/system/ 		136 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3edc01a4f42ce823ebd2ccf97481c1de8074ab4c31bd4e043b70ec18383c94b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
3016579030
x-yandex-req-id
1621655106447980-875493213811655133200174-production-app-host-man-pcode-20
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 22 May 2021 04:45:06 GMT
polyfill.min.js
polyfill.io/v3/ Frame B6F1 		72 B
116 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
9847557
detected-user-agent
Chrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Thu, 28 Jan 2021 00:45:25 GMT
date
Sat, 22 May 2021 03:45:06 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame B6F1 		276 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8637f09484addb912546f927d8a22820675942f84705510419524dc352563e06

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
translator
hbopenbid.pubmatic.com/ Frame B6F1 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Sat, 22 May 2021 03:45:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
viralize-d.openx.net/v/1.0/ Frame B6F1 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viralize-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fask.fm&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2f2f5927-068d-4ac9-bd5a-d67d93deb49a&nocache=1621655106479&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&auid=544032750&vwd=640&vht=480
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
via
1.1 google
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame B6F1 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab0190be806f32aac0d97bedb31&item=YWRuXzY4Mzg0Shntk5pIig%3D%3D.1.wp1sc1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-opportunity/ Frame B6F1 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab0190be806f32aac0d97bedb31&item=YWRuXzY2NzY1nR1eGiRpXQ%3D%3D.13.wp13sc1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-opportunity/ Frame B6F1 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab0190be806f32aac0d97bedb31&item=YWRuXzY2OTIPtmNwRrKDbw%3D%3D.10.wp10sc1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
Cookie set vpaid
moevideo.biz/embed/ Frame E67B 		21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
90c2dcda46f9234908f21d19652bc63451b5db0c40d5ac16f9b582a18614444d

Request headers

Host
moevideo.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ask.fm/

Response headers

Server
nginx
Date
Sat, 22 May 2021 03:45:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.38
Set-Cookie
mvuid=94ecb61b95f1346b6219;expires=Sun, 22-May-2022 06:45:06 GMT;Max-Age=31536000;path=/;SameSite=None mvsid=29b7ca05-7d96-46f7-810b-38241ae81d84;path=/;SameSite=None
X-My-Adv-Time
0.00107884407043
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Sat, 22 May 2021 03:45:06 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.007
X-Mv-Embed-Version
1352
X-My-Name
s35
X-My-Reqtime
0.105
Content-Encoding
gzip
ext
video-library.showheroes.com/player/ Frame B6F1 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-library.showheroes.com/player/ext?sh_pe=publisher&player_id=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&pageurl=https%3A%2F%2Fask.fm&rnd=1621655106&gdpr_consent=&gdpr_applies=1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.6.13 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
253bb291bfe03dfc9067c219d650814c60d561f7adb312ae6e3bb463e4d03206

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent, Origin
content-security-policy-report-only
report-to default
access-control-allow-methods
OPTIONS,POST,GET
pragma
no-cache
server
nginx/1.18.0
access-control-max-age
604800
report-to
{ "group": "default", "endpoints": [ { "url": "https://receiver-hetzner.showheroes.com/reports" } ], "max_age": 3600, "include_subdomains": true }
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
must-revalidate, private
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-shard-server
showheroes.com
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame B6F1 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbab0190be806f32aac0d97bedb31&item=YWRuXzY4NjAurvyWUMvxHw%3D%3D.2.wp2sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-done/ Frame B6F1 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzY4NjAurvyWUMvxHw%3D%3D&sc=wp2sc1&l=vpaid&as=ShowHeroes%20AdHero&ct=application%2Fjavascript&sid=01ebbab0190be806f32aac0d97bedb31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
vpaid-shplayer.js
static.showheroes.com/ Frame D44A 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/vpaid-shplayer.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.fabab513.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
540c450b5062bc620bd54e430f6cab4f31379f9efa5bfe35b2e1829d71732a89

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 09:51:32 GMT
etag
"1621590692"
x-hw
1621655106.dop122.fr8.t,1621655106.cds283.fr8.hn,1621655106.cds263.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
2718
/
ads.viralize.tv/track/ Frame B6F1 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab0190be806f32aac0d97bedb31%3A0%3AYWRuXzY4Mzg0Shntk5pIig%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzY4Mzg0Shntk5pIig%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab0190be806f32aac0d97bedb31%3A0%3AYWRuXzY2OTIPtmNwRrKDbw%3D%3D~wp10sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzY2OTIPtmNwRrKDbw%3D%3D~wp10sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbab0190be806f32aac0d97bedb31%3A0%3AYWRuXzY2NzY1nR1eGiRpXQ%3D%3D~wp13sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzY2NzY1nR1eGiRpXQ%3D%3D~wp13sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ebbab0190be806f32aac0d97bedb31%3A0%3AYWRuXzY4NjAurvyWUMvxHw%3D%3D~wp2sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
publishertag.js
static.showheroes.com/ Frame 7FAA 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/publishertag.js
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/vpaid-shplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
cce1318e6809c9b05c308f5139b32f0bfd73a5854babcf2514f7d68b0f20f8da

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 09:51:32 GMT
etag
"1621590692"
x-hw
1621655106.dop122.fr8.t,1621655106.cds283.fr8.hn,1621655106.cds147.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
3320
styles.css
moevideo.biz/embed/player/1661/skins/gray/ Frame E67B 		54 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1661/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 12:16:35 GMT
Server
nginx
X-My-Name
s2
ETag
W/"60758ba3-d99f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
0.000
mvplayer.min.js
moevideo.biz/embed/player/1661/ Frame E67B 		574 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1661/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx /
Resource Hash
5ac8bf8a7a52ce541b0804f46220ad95e33b718a2e5c3d028bdf1434848d6731

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Apr 2021 12:17:46 GMT
Server
nginx
X-My-Name
s2
ETag
W/"60758bea-8f7eb"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
keep-alive
X-My-Reqtime
0.000
set
playreplay.me/api/cookie/ Frame E67B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%2294ecb61b95f1346b6219%22},{%22key%22:%22mvsid%22,%22value%22:%2229b7ca05-7d96-46f7-810b-38241ae81d84%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.094
set
thesame.tv/api/cookie/ Frame E67B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%2294ecb61b95f1346b6219%22},{%22key%22:%22mvsid%22,%22value%22:%2229b7ca05-7d96-46f7-810b-38241ae81d84%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.107 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f45.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.081
set
moevideo.biz/api/cookie/ Frame E67B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%2294ecb61b95f1346b6219%22},{%22key%22:%22mvsid%22,%22value%22:%2229b7ca05-7d96-46f7-810b-38241ae81d84%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.76 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f9.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.086
set
cs-0.moevideo.biz/api/cookie/ Frame E67B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%2294ecb61b95f1346b6219%22},{%22key%22:%22mvsid%22,%22value%22:%2229b7ca05-7d96-46f7-810b-38241ae81d84%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.63 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.080
set
playreplay.net/api/cookie/ Frame E67B 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%2294ecb61b95f1346b6219%22},{%22key%22:%22mvsid%22,%22value%22:%2229b7ca05-7d96-46f7-810b-38241ae81d84%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.191 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f31.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.087
pubtag.js
static.showheroes.com/ Frame 7FAA 		160 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/pubtag.js?rnd=5111305910101551
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e14924be53155841f0773e10a9cdfa1cc672a251f807a131293e9e3c30542a0a

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 09:51:32 GMT
etag
"1621590692"
x-hw
1621655106.dop122.fr8.t,1621655106.cds283.fr8.hn,1621655106.cds291.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
45455
iframe
video-library.showheroes.com/spot/ Frame 1A50 		482 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-library.showheroes.com/spot/iframe?pageurl=https%3A%2F%2Fask.fm&player=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&player_type=publisher&debug=0&spsize=0x0&vpaid=1&footer=0&cmacros=%7B%22rpageurl%22%3A%22https%3A%2F%2Fask.fm%22%2C%22gdpr_applies%22%3A%221%22%2C%22user_consent_string%22%3A%22BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA%22%7D&native=true&consentData=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdprApplies=1
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/pubtag.js?rnd=5111305910101551
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.6.13 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1544d44c3488bcb118595e776fa579a8982260f6c7f4bd3a9ccbf4d426d8b6ec

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
content-security-policy-report-only
report-to default
server
nginx/1.18.0
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{ "group": "default", "endpoints": [ { "url": "https://receiver-hetzner.showheroes.com/reports" } ], "max_age": 3600, "include_subdomains": true }
content-type
application/javascript; charset=utf-8
cache-control
private, must-revalidate
x-shard-server
showheroes.com
expires
-1
litmus.mp4
static.showheroes.com/ Frame 7FAA 		3 KB
3 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/litmus.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
cff86d9a03a25977318fbeef5799b8f0122cff4b763f58507cef01891d2de01a

Request headers

Referer
https://ask.fm/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
last-modified
Tue, 08 Aug 2017 17:16:18 GMT
access-control-allow-origin
*
etag
"1502212578"
x-hw
1621655106.dop122.fr8.t,1621655106.cds283.fr8.hn,1621655106.cds270.fr8.c
content-type
video/mp4
Content-Range
bytes 0-2699/2700
cache-control
max-age=300
accept-ranges
bytes
Content-Length
2700
storage.html
moe.video/ Frame A629 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.11 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Sat, 22 May 2021 03:45:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 07 May 2021 20:11:34 GMT
ETag
W/"60959ef6-4783"
X-My-Name
s3
X-My-Reqtime
0.079
X-B-Name
f39
Content-Encoding
gzip
truncated
/ Frame E67B 		313 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
pcmd.js
arv2.showheroes.com/v1/ Frame 1A50 		32 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://arv2.showheroes.com/v1/pcmd.js?ref=https%3A%2F%2Fask.fm
Requested by
Host: video-library.showheroes.com
URL: https://video-library.showheroes.com/spot/iframe?pageurl=https%3A%2F%2Fask.fm&player=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&player_type=publisher&debug=0&spsize=0x0&vpaid=1&footer=0&cmacros=%7B%22rpageurl%22%3A%22https%3A%2F%2Fask.fm%22%2C%22gdpr_applies%22%3A%221%22%2C%22user_consent_string%22%3A%22BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA%22%7D&native=true&consentData=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdprApplies=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.19.2 / PHP/7.3.22
Resource Hash
d89ffae99980c82d292faa3c4870635189ec7b4bbaf400412032a66c5a3bceba
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
server
nginx/1.19.2
x-powered-by
PHP/7.3.22
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
no-store, private
strict-transport-security
max-age=15724800; includeSubDomains
getuid
sync.showheroes.com/ Frame 1A50
Redirect Chain
  • https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA
  • https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&q=%2Fgetuid&cvrd=1
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&q=%2Fgetuid&cvrd=1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.6.13 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.3.22
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:07 GMT
server
nginx/1.18.0
x-powered-by
PHP/7.3.22
access-control-max-age
0
access-control-allow-methods
OPTIONS,POST,GET
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

date
Sat, 22 May 2021 03:45:06 GMT
server
nginx/1.18.0
location
http://sync.showheroes.com/getuid?gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&q=%2Fgetuid&cvrd=1
x-powered-by
PHP/7.3.22
access-control-max-age
0
access-control-allow-methods
OPTIONS,POST,GET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
default.js
ups.xplosion.de/loader/44907/ Frame 1A50
Redirect Chain
  • https://dyn.emetriq.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyA...
  • https://ups.xplosion.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKy...
868 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ups.xplosion.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.54.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-54-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d658bab407fdb5b6ea79b6c3b7412199dbf00416d7b94ea46c57d5e56a9b1cca

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 22 May 2021 03:45:07 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
868
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"

Redirect headers

location
https://ups.xplosion.de:443/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1
date
Sat, 22 May 2021 03:45:06 GMT
server
awselb/2.0
content-length
110
content-type
text/html
report-video
receiver-hetzner.showheroes.com/events/ Frame 1A50 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://receiver-hetzner.showheroes.com/events/report-video?event=loaded&rnd=40284549&player_id=eb49cfb1-fe01-4d2d-bafe-5433cfc9ddac&sh_adhsu=0&player_type=publisher&player_engine=native&device_size=small&publisherid=&gdpr=1&sh_wilt=1621655106&sh_shcn=a&sh_ss=[SH_SS]&sh_pvr=0.2&sas_ontid=[sas_ontid]&pageurl=https%3A%2F%2Fask.fm
Requested by
Host: ask.fm
URL: https://ask.fm/joinsleet68438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.233.6.13 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:06 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx/1.18.0
content-length
43
content-type
image/gif
prebid.v1.js
static.showheroes.com/ Frame 7FAA 		272 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.showheroes.com/prebid.v1.js
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/pubtag.js?rnd=5111305910101551
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a4705fdb580e2e4a07465c93e15812fc8f9ba210ed3cf884a19e540348817305

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:06 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 10:39:39 GMT
etag
"1621507179"
x-hw
1621655106.dop122.fr8.t,1621655106.cds283.fr8.hn,1621655106.cds016.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
89493
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 7FAA 		2 KB
1011 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210522
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/prebid.v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
629ae7ea2d3b37d20dbe091139a589730f71f03dcc7e96b26625a1186944788e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
37464
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
942
etag
W/"69c-E36ZA3rHOjYEqJ4zLEUELdsGSgU"
x-served-by
cache-fra19182-FRA
date
Sat, 22 May 2021 03:45:07 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
p.min.js
cdn.xplosion.de/adp/profiling/0.2.68/ Frame 1A50 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xplosion.de/adp/profiling/0.2.68/p.min.js
Requested by
Host: dyn.emetriq.de
URL: https://dyn.emetriq.de/loader/44907/default.js?vendorId=213&vendorRestr=1,9&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:e:29d5:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b545ba8ec738538426fee411cf45788a539a6332baea682257b1e2f371e54d

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
f253FphS_ziourJz9_bIKI1XXEOokBYM
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 11:36:26 GMT
server
AmazonS3
age
40441
etag
W/"e896f28601649705582330a5315e7ab7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, no-transform, public
date
Fri, 21 May 2021 16:31:07 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
oJ2NqV9CcGGKkCfMtVhHOxZNeAg15JX-ujlzAWlj5p85ErzBYwTX6Q==
data
ups.xplosion.de/ Frame 1A50 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ups.xplosion.de/data?title=&hostSiteUrl=https%3A%2F%2Fask.fm%2Fjoinsleet68438&userAgent=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&userLang=en-US&color=24&os=Linux%20x86_64&timezone=-2&screen=1200x1600&event_id=page_view&gdpr=&gdpr_consent=&gdpr_success=1&gdpr_path=d&gdpr_is_ifr=true&gdpr_cmp_loc_1=false&gdpr_cmp_loc_2=false&_rfs=1&_sid=44907&_ver=0.2.68&_seg=jsonp&_=692854893119
Requested by
Host: cdn.xplosion.de
URL: https://cdn.xplosion.de/adp/profiling/0.2.68/p.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.54.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-54-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
daeb0df05d7e39e586d104948b94e640325bf2317685789c20286e6838efda6c

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 22 May 2021 03:45:07 GMT
cache-control
must-revalidate,no-cache,no-store
content-type
text/javascript
content-length
1300
p3p
CP="NOI DSP COR NID PSAo OUR SAMo BUS"
analytics.js
www.google-analytics.com/ Frame E67B 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4695
date
Sat, 22 May 2021 02:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 22 May 2021 04:26:52 GMT
ads-async.js
ad.mail.ru/static/ Frame E67B 		197 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
66d1c7aa064387309678f78ae89291315e156ae7a6247f84b8813cd2a23d9318

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:07 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
197
Expires
Sat, 22 May 2021 03:55:07 GMT
AdRiverFPS_MV.js
content.adriver.ru/banners/0007207/0007207973/0/ Frame E67B 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=94ecb61b95f1346b6219
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.222.14.222 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 03:45:07 GMT
last-modified
Fri, 09 Apr 2021 14:49:31 GMT
server
nginx
etag
"6070697b-26a8"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
9896
expires
Sat, 22 May 2021 04:45:07 GMT
389706
ad.mail.ru/vast/ Frame E67B 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=7179103&sc=2453591051&dl=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DiE8CiE0DpaibJX5Fp%252FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%252BsKjjU%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fjoinsleet68438%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1661
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
json.cgi
ad.adriver.ru/cgi-bin/ Frame E67B 		384 B
1022 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=ACDXwNHTohp_UqDtQWKJrtQ;303=unavail;304=ACDXwNHTohp_UqDtQWKJrtQ;305=94ecb61b95f1346b6219;306=;307=;308=0;309=0
Requested by
Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=94ecb61b95f1346b6219
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.46 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
28ef08db2469e1ddcd482b9c5d95f94d0179066a06563c9fa4b45d1b39280ae5

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 03:45:07 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Expires
Thu, 01 Jan 1970 00:00:00 GMT
362146
ad.mail.ru/vast/ Frame E67B 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=2547633&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fjoinsleet68438
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
04C5EF.js
r.mradx.net/img/BD/ Frame E67B 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.mradx.net/img/BD/04C5EF.js
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:db00::28 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ea28e1aaa70b7a1ef1e0e6d4f64e1104742ced233b3ee7b2d131f033cca66bca

Request headers

Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 09:46:15 GMT
Server
nginx
ETag
W/"60892ee7-1dc47"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
adx.adform.net/adx/ Frame 7FAA 		5 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwNTA1ODUmY3VycmVuY3k9RVVSJnRyYW5zYWN0aW9uSWQ9ZTE4MWUxZTItZTNjOS00MmE4LWFlNDUtZDg3YTRiZGM4NGVhJnJjdXI9RVVS&pt=gross&stid=e1eef250-927a-4035-9e06-bd1cc91a3bc4&gdpr=1&gdpr_consent=BO56w_lO56xKLAHABBENDW-AAAAyOAYAAqAB4AEEAJwAoABaADIAGkARABGACYAE8AKQAWwAxABvADmAH6AQABAgCGgFIAUoA4QCKAEdAKyAXUA&fd=1
Requested by
Host: static.showheroes.com
URL: https://static.showheroes.com/prebid.v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
ad.mail.ru/adq/ Frame E67B 		83 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1621655107443&q=199847&_=931399489
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/BD/04C5EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
19dc325fb09ca6fc4e50eb7af94bfc64c6beb44a36030ccbd31948cc8c280ef8

Request headers

Referer
https://moevideo.biz/embed/vpaid?token=iE8CiE0DpaibJX5Fp%2FSYIeO3kKjLfV3WROYHOVgRDGHVS1bSVgIRDoinAt%2BsKjjU&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fjoinsleet68438&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 03:45:07 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=7&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=667320406&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655108%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054507%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655108
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:07 GMT
last-modified
Sat, 22-May-2021 03:45:07 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:45:07 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=8&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=929181861&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655110%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054509%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655110
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:09 GMT
last-modified
Sat, 22-May-2021 03:45:09 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:45:09 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=9&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=264674623&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655112%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054511%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655112
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:11 GMT
last-modified
Sat, 22-May-2021 03:45:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:45:11 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=10&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=756571435&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655114%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054513%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655114
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:13 GMT
last-modified
Sat, 22-May-2021 03:45:13 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:45:13 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=11&wv-hit=816800526&page-url=https%3A%2F%2Fask.fm%2Fjoinsleet68438&rn=57987012&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621655116%3Aw%3A1600x1200%3Av%3A504%3Az%3A120%3Ai%3A20210522054515%3Au%3A1621655093990692247%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621655116
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 03:45:15 GMT
last-modified
Sat, 22-May-2021 03:45:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 03:45:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
loada.exelator.com
URL
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=662277&a=2645917&ts=1621655106&wa=0&e=95&vc=2

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| logError function| $ function| jQuery function| PerfectScrollbar object| Turbolinks function| Cursores object| Utils object| Events object| Browser object| Turbolinkz function| Actions object| Ajax object| Mutex function| Pages object| AjaxUI object| ScrollBar object| AnswerCard object| ProfileTabCounters object| ThreadCounters object| Pager object| Config object| Answers undefined| AskfmAd undefined| Atcomplete undefined| Autofocus object| Flash object| Uploads object| Avatar object| Background object| Form object| Button object| Captcha function| Recaptcha2onLoad object| Checkbox object| ConfirmDialog function| Log object| PositionFixedFocus object| FacebookSharing object| Lightbox object| KeepAsking object| Omniconvert object| Yandex object| TrackingGoals object| FormXHR object| Gdpr object| GoogleAnalytics undefined| HoverToActive object| LoginCheck object| MassAsk object| Media object| Notifications object| Offers object| OnlineStatus undefined| Optad360 object| PhotoAnswer object| Photopoll object| PopupCallback object| Pymk object| Questions object| SecretAnswers undefined| ServiceWorkerRemoval object| Stream undefined| Tagcomplete object| Toggle object| Tracking object| UpdatePinger undefined| Viads object| Viewport function| ym object| goal_name object| Ya object| yaCounter48953915 function| fbAsyncInit object| dataLayer object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag object| AdSlotCollection object| regeneratorRuntime object| pbjs325474 object| gaplugins object| gaGlobal object| gaData object| __uspClient object| __cmpClient object| __oa360ScriptsState boolean| __isGoogleAllowed function| avPlayer function| viadsClosePlayer function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| storageAni string| viPlayerStatus object| __VR object| vpt object| s object| c object| h object| sl function| Hls boolean| sas_noad number| google_global_correlator object| pcodeJsonp14704Fre79cSrfb object| ya boolean| yandex_context_perf_logging object| yaCounter652294 function| AdPlayerPro object| DMVAST function| playerPro

8 Cookies

Domain/Path Name / Value
.ask.fm/ Name: _ym_isad
Value: 2
.ask.fm/ Name: _ym_d
Value: 1621655093
.ask.fm/ Name: _ym_uid
Value: 1621655093990692247
ask.fm/ Name: _m_ask_fm_session
Value: Rk9WYWRld1FDN0haaUlQUk1KSEh1K0VIQVVUNlZ4U2NPcll0eXl4RHlZQ21teW5QVWlRSm5qRmUvY2RGOFA5UFNjV1daVGlNT3kyN0dKRHlKYXVma0dtVjhTT09uM05hU2RWREI0Z3BzTTAxeC9SR0E2Zm05b0x3cDArUmFGME5yck1weGhtc2R0K09iajNaVGRubE40dFo3RE1Ub09DWHlSQ0FvWVJ6N3VKZ0hjdzVIbUxLaVd1emlhY1R4b1JxckpzTnE5NW1ZU1VaRHRSR25mWHVpdjhRK3RPZStlTklZOVBFb0liNU9RQ2hWZ2hRb1dQYWdxTlR5Z1UxaXd6bS0tR2NQNk5NZFBad2Y0NXJYblBwb1VrUT09--eea450c0bb8e85acf0a3c370c11266272b6b46f2
ask.fm/ Name: country
Value: DE
ask.fm/ Name: uuid
Value: c80b9fb9-eb36-40af-8162-fd1f3bc66f97
ask.fm/ Name: traffic_source
Value: organic
ask.fm/ Name: locale
Value: en

21 Console Messages

Source Level URL
Text
console-api info URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=7c1ac03fc5d0aff7f209(Line 2)
Message:
request.onupgradeneeded [object IDBVersionChangeEvent]
console-api log URL: https://r.mradx.net/img/BD/04C5EF.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://r.mradx.net/img/BD/04C5EF.js(Line 1)
Message:
Access to window.top is denied!
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094&us_privacy=&cb=1621655105530
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fjoinsleet68438&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fjoinsleet68438&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-5-22 5:45:6&ranreq=0.7268658055558268&timezone=2&depth=0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:PM AdRequest Time: 0.581secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Ad Error Time: 0.584secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-info:Total Component Time since player call: 0.618secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621655094(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api log URL: https://r.mradx.net/img/BD/04C5EF.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://r.mradx.net/img/BD/04C5EF.js(Line 1)
Message:
Access to window.top is denied!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.adriver.ru
ad.mail.ru
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.viralize.tv
adx.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
an.yandex.ru
arv2.showheroes.com
ask.fm
c1.adform.net
cdn.connectad.io
cdn.jsdelivr.net
cdn.ravenjs.com
cdn.viadata.store
cdn.xplosion.de
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
content.adriver.ru
creatives.sascdn.com
cs-0.moevideo.biz
d3r6ceqp4shltl.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmg.digitaltarget.ru
dpm.demdex.net
dsum-sec.casalemedia.com
dyn.emetriq.de
get.optad360.io
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
ice.360yield.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
loada.exelator.com
logs.viadata.store
match.adsrvr.org
match.prod.bidr.io
mc.yandex.com
mc.yandex.ru
moe.video
moevideo.biz
mug.criteo.com
onetag-sys.com
pl.viadata.store
playreplay.me
playreplay.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
r.mradx.net
receiver-hetzner.showheroes.com
rtb-msk-2.viadata.store
s.amazon-adsystem.com
s.richaudience.com
search.spotxchange.com
secure.adnxs.com
serving.stat-rock.com
simage2.pubmatic.com
ssum-sec.casalemedia.com
static.showheroes.com
static.viralize.tv
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.adotmob.com
sync.mathtag.com
sync.richaudience.com
sync.showheroes.com
thesame.tv
track.adform.net
um.simpli.fi
ups.xplosion.de
uscdn.viadata.store
viadata.store
vid.pubmatic.com
video-library.showheroes.com
viralize-d.openx.net
vpaid.pubmatic.com
vtg1.rktch.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www8.smartadserver.com
yastatic.net
aktrack.pubmatic.com
cm.g.doubleclick.net
loada.exelator.com
13.248.242.197
136.144.59.88
142.250.186.162
151.101.114.49
159.253.128.188
167.233.6.13
168.119.145.245
168.119.149.178
173.237.60.36
176.99.5.169
178.250.2.146
178.250.2.151
178.63.30.201
184.30.20.198
185.15.175.159
185.183.112.155
185.29.133.58
185.33.220.243
185.64.189.112
185.64.190.75
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.114
185.86.139.58
185.94.180.124
193.138.77.147
195.209.108.46
2.18.232.130
2.18.233.180
2.18.234.21
2.18.234.233
2001:678:cb4:bbbb::11
205.185.216.10
213.155.156.169
23.111.115.172
23.111.115.236
23.111.115.244
23.111.211.20
23.37.38.181
2600:9000:20eb:4400:e:29d5:db00:93a1
2600:9000:218e:a200:11:3771:2e40:21
2600:9000:21f3:4000:6:b871:4f00:93a1
2600:9000:21f3:fe00:11:a4de:2580:93a1
2606:4700:10::ac43:8ae
2a00:1148:db00::17
2a00:1148:db00::28
2a00:1288:110:c305::8000
2a00:1450:4001:802::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2008
2a00:1450:400c:c07::9a
2a02:2638::1c
2a02:26f0:6c00::210:ba28
2a02:26f0:6c00::210:ba29
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::729
2a04:4e42:3::621
2a04:4e42::621
34.246.243.212
34.98.64.218
35.186.238.232
37.157.3.30
37.157.4.25
37.252.173.62
51.89.9.252
52.209.54.187
52.29.9.114
52.46.130.13
52.49.40.147
54.72.89.232
78.140.185.32
83.222.14.222
83.229.25.63
92.223.103.107
92.223.103.191
92.223.103.253
92.223.106.11
92.38.138.76
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
12b545ba8ec738538426fee411cf45788a539a6332baea682257b1e2f371e54d
13be9605e71b444b62fa3d78780ea07b8d585696cb3afa8196adb89d17ee26fc
1482d87261f54349ef673cf4a046b4f8bd04d264fd3d55ffe780fe4961d4cb84
1544d44c3488bcb118595e776fa579a8982260f6c7f4bd3a9ccbf4d426d8b6ec
16fd695ea13329e84a86bff1ce2b9bc23d807ced7c4106a932521587b1dda33f
176e4029787198a3a9f1a28252d1caaad487fa0ecc0b81c85647f243eb205c42
1814083bb325b29335bf9c69fd778305241678867ce6909aa3efae96c84345b7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19dc325fb09ca6fc4e50eb7af94bfc64c6beb44a36030ccbd31948cc8c280ef8
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
209cc3a4ecb0d2a8bc400823f6459da16a5972bb410a7869a6cdcfd4586f6552
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
253bb291bfe03dfc9067c219d650814c60d561f7adb312ae6e3bb463e4d03206
25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d
25fb399d94d9031d730acaff6eebcd380b1d43d7c738d927d52448520fa52154
28ef08db2469e1ddcd482b9c5d95f94d0179066a06563c9fa4b45d1b39280ae5
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
292ab8ef047b7364917cd0f03edc26e84db920b18ec8d704ecc7e87e64cfdc03
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37afcc50aed647983a6e055ccfdcb8ffb5edc9f759d42330a10edb6585f971f7
3884bb65079b3ac4e7a345e6d5b37b5ac4df83158573810f331b3b4a1f5bb8c7
3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edc01a4f42ce823ebd2ccf97481c1de8074ab4c31bd4e043b70ec18383c94b6
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b1579df26d0f43a8a0e4a40f6f0968ffbe115426b899d67903e549b3bffb40
455ff99b45ba132c5cd521e36dd4d04f77d20b0a64082605d94db568c5387dd0
467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999
481c2637eba792334c80a394cc132c5886768484adc4780725c60dd3301de183
48335c5615c17e3b12e1afa28a477ce237a156da94bd1342732f400956bc15b4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5037fb1b6f8b0435d9cfaa47d129668d9e0c9d880fdb5af6344e78030050ae6d
50f1ba123cf1064830f37bc627a2a2d0413844c2500fa8c8b8087ba56fd17240
540c450b5062bc620bd54e430f6cab4f31379f9efa5bfe35b2e1829d71732a89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
59c23c6fc8beb7f98fb5639b9c646574b64c954e77ad1c6a0465a4de525f47aa
5ac8bf8a7a52ce541b0804f46220ad95e33b718a2e5c3d028bdf1434848d6731
5b511c499ee25cdc29aa5d07618dbffae447b1ae47f2af4fcbcd9413dfa68b97
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
629ae7ea2d3b37d20dbe091139a589730f71f03dcc7e96b26625a1186944788e
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6
66d1c7aa064387309678f78ae89291315e156ae7a6247f84b8813cd2a23d9318
69944ef89de303c4cfee4014eb05fcc21048959ff60fa0fb8d6d6c2281788e65
69e8c6eb354a3a62b1d19fc2020cab419b4820f6ea080463d89d47becfc070ae
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3f9a79b2fa5b0dc0f9087b25d0675e1697de9756ea0da16ae694ed7be59ba8
71cb99479ad35307245eeb07e3506e8686e2a3c12b7f9c528fd089fd80003deb
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
755423929b37a935963f16a27977257386956d30e99cbcbd37234583ca4407cf
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7a0582f71b7fb7ca5165c2db6f3fee5377ed11db6702b9ae0fbad03f636451f4
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7bd27ed5450668d94d6aaf15775d2f9c6753feec722c4f922b16a4ce1da128a9
7ccb349a9cf90fb6fa49e4adbe0d3674e0bfd9f1b2381f5fa075aa9fd4be60e2
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
817384cf858af3b24293ea9cdce876477a4ec2e6bd1bd37ff7d0a4012f97f8f8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83b9ce69a9267aa37d9fdfcbe4539fc9bae9ddafc91f82625c5e2284104203f2
853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7
86034ce77b3a6b40a35a983344766af5d5f5321ef04e81ec86cb2332d8676d66
8637f09484addb912546f927d8a22820675942f84705510419524dc352563e06
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d4b212e02c8d93800e3d0e88bf9b6fa100e3114a3eaff2b4404b6c32e15cc0f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90c2dcda46f9234908f21d19652bc63451b5db0c40d5ac16f9b582a18614444d
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
9e0941532e70d706aef15f35e1432835cd264136dd148bf3802eaff5003d52ea
9e18d136de6919f81e71cd18adbbd83a8dbbba1e5073b101f3ee35a826b7993a
9f368bc5df489c49027f1f7d8f230089da338905fdfea2133e5f2314bd25f68f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a160c83b724c27140f51faf8ffc7a1586239119ee081d8235e6cb9991d17263c
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4705fdb580e2e4a07465c93e15812fc8f9ba210ed3cf884a19e540348817305
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a7438cac51e036cef83cfbf31e6d480e021a35013375e6956a3932a7373bc017
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
acefa93cfdc556413f965eec9bb9602e1f347c7ba5197f2b6e991c99ad65d59d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1efea1ea1d5dacd4e53c4d220663ec89ebc5c91f6b99c4d7e8f3a670e901ff4
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
bc522bd7f7b67287acef41161260f73fd1164bc1dbd77665f2dd41577618547a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
c3489c8606f797eedd2c4bc2102fbd7ca7c17028f09c94062e25de95845ef465
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cce1318e6809c9b05c308f5139b32f0bfd73a5854babcf2514f7d68b0f20f8da
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf1953618b36785249add7003964bb34c56d35321a8c9282081584f398cad0db
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff86d9a03a25977318fbeef5799b8f0122cff4b763f58507cef01891d2de01a
d658bab407fdb5b6ea79b6c3b7412199dbf00416d7b94ea46c57d5e56a9b1cca
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae
d89ffae99980c82d292faa3c4870635189ec7b4bbaf400412032a66c5a3bceba
d973bc3a245ab698841862508843bed6687f2b9e961bc953d08372621d6e674c
da99152e855fe6ad6e826fb421e8e168df6cf7fc7f425b8c5a4604d364cb2ec3
daeb0df05d7e39e586d104948b94e640325bf2317685789c20286e6838efda6c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e14924be53155841f0773e10a9cdfa1cc672a251f807a131293e9e3c30542a0a
e1523bb7c50aeb3b7c37d26e7bd7e22977e11013b50865832a9db6b8fc19abc6
e1a29ecddec2d9746e50937af3d751f05618d02a5bc17b1fd7acab87e2d9ff61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cedeedecd228caa058b365fd4dd4a40f1995c71bc979fe79827bb752bbe2b8
ea28e1aaa70b7a1ef1e0e6d4f64e1104742ced233b3ee7b2d131f033cca66bca
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
ec023248e603b84816e2a3e33039064f1ddfcc5f6f48484205e83fabe3597f40
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
edfcb536924e7dd1bfa230aa145bedae6eac0da0561def602d2109a9607a1ccf
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fde6941198bb8c69106c9e8ad54a18c4f4f807ee4535b1a256bee3ffbaa80252
fea2310ed246a95c3b4ef9f216be5b04c2e29aa4e598ef5f1393ecbfecbeea19