urlscan.io logo urlscan.io
SecurityTrails logo

ask.fm Open in urlscan Pro
193.138.77.144  Public Scan

Go To Rescan Add Verdict Report
URL: https://ask.fm/cactussupply519
Submission: On September 10 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 142 IPs in 13 countries across 125 domains to perform 668 HTTP transactions. The main IP is 193.138.77.144, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 30th 2020. Valid for: a year.
This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 193.138.77.144 395754 (ASK-FM)
9 2600:9000:223... 16509 (AMAZON-02)
1 3.129.250.65 16509 (AMAZON-02)
3 35.201.96.133 15169 (GOOGLE)
3 20 2a02:6b8::1:119 208722 (YNDX)
1 54.76.195.222 16509 (AMAZON-02)
20 151.139.128.11 20446 (HIGHWINDS3)
3 3 66.155.71.25 13768 (COGECO-PEER1)
3 3.123.90.134 16509 (AMAZON-02)
10 10 18.184.94.176 16509 (AMAZON-02)
9 10 142.250.180.226 15169 (GOOGLE)
3 3 213.19.147.44 3356 (LEVEL3)
3 10 2.21.142.210 16625 (AKAMAI-AS)
49 146.20.132.57 27357 (RACKSPACE)
50 146.20.128.118 27357 (RACKSPACE)
11 11 2001:678:cb4:... 56396 (AMOBEE)
24 146.20.132.61 27357 (RACKSPACE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
2 23.111.211.20 7979 (SERVERS-COM)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
4 23.111.115.172 7979 (SERVERS-COM)
3 23.111.115.244 7979 (SERVERS-COM)
4 2600:9000:215... 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 2a04:4e42:600... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 2.21.111.28 16625 (AKAMAI-AS)
2 9 37.157.6.241 198622 (ADFORM)
1 185.86.139.95 201081 (SMARTADSE...)
1 13 2606:4700:10:... 13335 (CLOUDFLAR...)
5 51.89.9.253 16276 (OVH)
5 24 185.33.220.100 29990 (ASN-APPNEX)
6 147.75.38.124 54825 (PACKET)
1 6 3.125.100.70 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.111.119.12 7979 (SERVERS-COM)
26 2.21.141.175 16625 (AKAMAI-AS)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
2 80.64.106.150 20764 (RASCOM-AS...)
2 23.111.115.236 7979 (SERVERS-COM)
5 195.209.108.48 52007 (ADRIVER-AS)
39 35.186.238.232 15169 (GOOGLE)
11 92.38.138.38 199524 (GCORE)
1 3 188.34.131.134 24940 (HETZNER-AS)
2 192.96.200.41 30633 (LEASEWEB-...)
1 2 185.15.175.157 43226 (SAFEDATA ...)
4 37.157.4.28 198622 (ADFORM)
1 2 185.94.180.126 35220 (SPOTX-AMS)
3 185.64.190.78 62713 (AS-PUBMATIC)
2 2 213.155.156.184 1299 (TELIANET ...)
1 24 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 52.215.67.233 16509 (AMAZON-02)
1 1 162.55.6.211 24940 (HETZNER-AS)
1 63.251.232.170 29791 (VOXEL-DOT...)
1 1 87.98.242.60 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 185.29.134.244 30419 (MEDIAMATH...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 2 51.210.112.236 16276 (OVH)
2 2 18.198.126.47 16509 (AMAZON-02)
1 2 159.253.128.188 36351 (SOFTLAYER)
4 5 76.223.111.131 16509 (AMAZON-02)
5 5 3.126.56.137 16509 (AMAZON-02)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
2 2 151.101.194.49 54113 (FASTLY)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 159.65.197.210 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 3 185.33.223.178 29990 (ASN-APPNEX)
1 1 52.48.175.241 16509 (AMAZON-02)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 5 18.194.4.26 16509 (AMAZON-02)
1 185.86.139.59 201081 (SMARTADSE...)
2 2 3.120.43.188 16509 (AMAZON-02)
1 185.86.139.113 201081 (SMARTADSE...)
1 216.239.32.21 15169 (GOOGLE)
1 216.239.34.21 15169 (GOOGLE)
2 209.197.3.19 20446 (HIGHWINDS3)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2.21.140.103 16625 (AKAMAI-AS)
6 185.64.190.75 62713 (AS-PUBMATIC)
6 2a02:6b8::90 208722 (YNDX)
2 52.51.242.199 16509 (AMAZON-02)
18 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
12 2.21.143.57 16625 (AKAMAI-AS)
1 168.119.79.223 24940 (HETZNER-AS)
4 185.86.137.113 201081 (SMARTADSE...)
1 35.241.45.217 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42:800... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.227.248.159 15169 (GOOGLE)
4 3.12.29.116 16509 (AMAZON-02)
7 130.211.115.4 15169 (GOOGLE)
5 2a02:6b8:20::215 208722 (YNDX)
2 18.185.206.125 16509 (AMAZON-02)
2 92.223.103.54 199524 (GCORE)
1 92.223.103.191 199524 (GCORE)
5 83.229.25.15 199524 (GCORE)
2 157.90.0.13 24940 (HETZNER-AS)
2 185.94.180.123 35220 (SPOTX-AMS)
9 78.140.185.32 35415 (WEBZILLA)
1 66.102.1.155 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.101.129.108 54113 (FASTLY)
3 10 2.21.141.232 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 18.184.95.242 16509 (AMAZON-02)
3 3 216.52.2.30 29791 (VOXEL-DOT...)
1 142.250.180.194 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 80.82.217.90 24961 (MYLOC-AS ...)
2 3 80.82.217.103 24961 (MYLOC-AS ...)
1 1 139.162.141.41 63949 (LINODE-AP...)
2 142.250.184.194 15169 (GOOGLE)
1 2 54.36.109.47 16276 (OVH)
2 178.162.133.149 60781 (LEASEWEB-...)
1 1 3.126.175.244 16509 (AMAZON-02)
1 3 209.54.178.82 16509 (AMAZON-02)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 185.183.112.148 60350 (VP)
1 35.241.40.233 15169 (GOOGLE)
1 1 54.93.179.96 16509 (AMAZON-02)
1 38.27.122.101 174 (COGENT-174)
1 1 54.87.192.123 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.87 62713 (AS-PUBMATIC)
1 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.198.69.109 16509 (AMAZON-02)
1 1 34.199.172.6 14618 (AMAZON-AES)
7 92.38.138.52 199524 (GCORE)
4 83.229.25.205 199524 (GCORE)
26 2a00:1148:db0... 47764 (MAILRU-AS...)
2 23.111.96.36 7979 (SERVERS-COM)
2 146.185.194.45 50340 (SELECTEL-MSK)
2 2a00:1148:db0... 47764 (MAILRU-AS...)
1 37.18.16.16 205675 (HYBRID-AS)
1 2 193.232.148.144 48061 (UMA-TECH-AS)
2 3 31.172.81.158 44066 (DE-FIRSTC...)
2 2 31.172.81.160 44066 (DE-FIRSTC...)
2 2 81.163.17.245 50340 (SELECTEL-MSK)
1 1 94.130.13.220 24940 (HETZNER-AS)
2 2 148.251.237.106 24940 (HETZNER-AS)
1 1 148.251.129.43 24940 (HETZNER-AS)
2 2 217.66.147.165 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
1 195.201.152.105 24940 (HETZNER-AS)
1 83.222.114.188 42632 (MNOGOBYTE...)
2 2 188.42.29.196 7979 (SERVERS-COM)
2 3 35.201.80.102 15169 (GOOGLE)
1 1 35.190.16.14 15169 (GOOGLE)
10 2a03:90c0:41:... 199524 (GCORE)
1 3 2001:6d0:4001... 52016 (TNSMSK-)
2 93.186.225.208 47541 (VKONTAKTE...)
2 87.240.129.135 47541 (VKONTAKTE...)
4 185.180.43.83 50340 (SELECTEL-MSK)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 138.201.65.68 24940 (HETZNER-AS)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
2 5 35.244.159.8 15169 (GOOGLE)
4 184.30.20.198 16625 (AKAMAI-AS)
1 52.213.94.69 16509 (AMAZON-02)
1 2a00:1288:80:... ()
5 3.124.130.33 ()
1 3.124.203.132 ()
668 142
2    193.138.77.144 (Latvia)

ASN395754 (ASK-FM, US)
ask.fm
9    2600:9000:223d:2600:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)
d3r6ceqp4shltl.cloudfront.net
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
3    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
colossalcoat.com
20    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
1    54.76.195.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-195-222.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
20    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
3    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    3.123.90.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
a.vidoomy.com
10    18.184.94.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-94-176.eu-central-1.compute.amazonaws.com
x.bidswitch.net
aws-fr-sync.bidswitch.net
10    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
cm.g.doubleclick.net
3    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
10    2.21.142.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
49    146.20.132.57 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
t.lkqd.net
50    146.20.128.118 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
11    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
24    146.20.132.61 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:21f3:2400:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:206f:ce00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
2    23.111.211.20 (Russian Federation)

ASN7979 (SERVERS-COM, US)
viadata.store
6    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    23.111.115.172 (Russian Federation)

ASN7979 (SERVERS-COM, US)
cdn.viadata.store
3    23.111.115.244 (Russian Federation)

ASN7979 (SERVERS-COM, US)
logs.viadata.store
4    2600:9000:2156:b000:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700::6812:ea1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
9    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
c1.adform.net
1    185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
13    2606:4700:10::6816:387e (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
5    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
24    185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
6    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    3.125.100.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-100-70.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    23.111.119.12 (Russian Federation)

ASN7979 (SERVERS-COM, US)
pl.viadata.store
26    2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
1    2a02:26f0:f7::5c7b:e064 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
2    80.64.106.150 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr5.rutarget.ru
clientside-video-bidder.rutarget.ru
2    23.111.115.236 (Russian Federation)

ASN7979 (SERVERS-COM, US)
rtb-msk-2.viadata.store
5    195.209.108.48 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
39    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
11    92.38.138.38 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f7.moevideo.net
moevideo.biz
3    188.34.131.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de
adx.com.ru
2    192.96.200.41 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
2    185.15.175.157 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
4    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.184 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
24    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    52.215.67.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-233.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    162.55.6.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de
csync.loopme.me
1    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
1    87.98.242.60 (Saarbrücken, Germany)

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu
green.erne.co
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh
pixel.onaudience.com
2    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loada.exelator.com
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
5    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
5    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
3    185.33.223.178 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    52.48.175.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    2a02:26f0:f7::5c7b:e039 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.sascdn.com
5    18.194.4.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-4-26.eu-central-1.compute.amazonaws.com
eu.sportradarserving.com
1    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
itx4.smartadserver.com
2    3.120.43.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-43-188.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net
tags.feedad.com
1    216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net
api.feedad.com
2    209.197.3.19 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
4    2606:4700::6812:9ca (United States)

ASN13335 (CLOUDFLARENET, US)
static.viralize.tv
3    2.21.140.103 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-103.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
secure.flashtalking.com
6    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
6    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
2    52.51.242.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-242-199.eu-west-1.compute.amazonaws.com
d9.flashtalking.com
18    2606:4700::6810:d40 (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    2600:9000:2250:7800:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
12    2.21.143.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
4    185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pandg.tapad.com
pixel.tapad.com
4    3.12.29.116 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-29-116.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
7    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
5    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
2    18.185.206.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-206-125.eu-central-1.compute.amazonaws.com
ice.360yield.com
2    92.223.103.54 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f51.moevideo.net
playreplay.me
playreplay.net
1    92.223.103.191 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f31.moevideo.net
thesame.tv
5    83.229.25.15 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
cs-0.moevideo.biz
2    157.90.0.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.0.90.157.clients.your-server.de
s.richaudience.com
2    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
9    78.140.185.32 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro
serving.stat-rock.com
1    66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net
bid.g.doubleclick.net
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:10::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5lznes.c.2mdn.net
3    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
10    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
3    18.184.95.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-95-242.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    80.82.217.90 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
ads.smartstream.tv
3    80.82.217.103 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
cm.adsafety.net
1    139.162.141.41 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: tags1.adsafety.net
tags.adsafety.net
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
ade.googlesyndication.com
2    54.36.109.47 (Sheridan, United States)

ASN16276 (OVH, FR)
PTR: p02.id5-sync.com
id5-sync.com
2    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    3.126.175.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-175-244.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    209.54.178.82 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
1    54.93.179.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-179-96.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadm.exelator.com
1    34.199.172.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-172-6.compute-1.amazonaws.com
sync.ipredictive.com
7    92.38.138.52 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f29.moevideo.net
moe.video
4    83.229.25.205 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
am-0.moevideo.biz
26    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
2    23.111.96.36 (Russian Federation)

ASN7979 (SERVERS-COM, US)
content.adriver.ru
2    146.185.194.45 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: host45.seedr.ru
stats.seedr.com
2    2a00:1148:db00::28 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
r.mradx.net
1    37.18.16.16 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    193.232.148.144 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp5.sender.ltmse.com
px.adhigh.net
3    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
2    81.163.17.245 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
mitdmp.whiteboxdigital.ru
e6c96af6-8b79-40d9-85b5-1615924ea2c0.mitdmp.whiteboxdigital.ru
1    94.130.13.220 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.220.13.130.94.clients.your-server.de
exchange.buzzoola.com
2    148.251.237.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow
sync.upravel.com
1    148.251.129.43 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-23.community.moscow
15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c.sync.upravel.com
2    217.66.147.165 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-165-147-66-217.spbmts.ru
sm.rtb.mts.ru
1    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
1    195.201.152.105 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.105.152.201.195.clients.your-server.de
sync.dmp.otm-r.com
1    83.222.114.188 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
2    188.42.29.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    35.201.80.102 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 102.80.201.35.bc.googleusercontent.com
dx.frontend.weborama.com
1    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
rd.frontend.weborama.fr
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn01.nativeroll.tv
cdn02.nativeroll.tv
3    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
2    93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
vk.com
2    87.240.129.135 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv135-129-240-87.vk.com
login.vk.com
4    185.180.43.83 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: host83.seedr.ru
statsb.nativeroll.tv
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    138.201.65.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.65.201.138.clients.your-server.de
pub-eu.p.otm-r.com
2    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
2    2a02:26f0:f7::5c7b:e052 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sascdn.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
viralize-d.openx.net
4    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
1    52.213.94.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-94-69.eu-west-1.compute.amazonaws.com
acds.prod.vidible.tv
1    2a00:1288:80:800::7001 (None, )

ASN- ()
cdn-ssl.vidible.tv
5    3.124.130.33 (None, )

ASN- ()
trk.vidible.tv
1    3.124.203.132 (None, )

ASN- ()
ads-eu.v.ssp.yahoo.com
Apex Domain
Subdomains		 Transfer
143 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net
629 KB
67 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com Failed
aud.pubmatic.com
simage4.pubmatic.com
423 KB
43 viralize.tv
ads.viralize.tv
static.viralize.tv
476 KB
30 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
90 KB
26 mail.ru
ad.mail.ru
11 KB
20 moevideo.biz
moevideo.biz
cs-0.moevideo.biz
am-0.moevideo.biz
1 MB
18 bannerflow.net
c.bannerflow.net
164 KB
18 yandex.com
mc.yandex.com
4 KB
14 nativeroll.tv
cdn01.nativeroll.tv
cdn02.nativeroll.tv
statsb.nativeroll.tv
303 KB
14 doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
bid.g.doubleclick.net
googleads4.g.doubleclick.net
googleads.g.doubleclick.net
8 KB
13 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
2 KB
13 adform.net
adx.adform.net
cm.adform.net
c1.adform.net
8 KB
13 viadata.store
viadata.store
cdn.viadata.store
logs.viadata.store
pl.viadata.store
rtb-msk-2.viadata.store
182 KB
12 moatads.com
z.moatads.com
px.moatads.com
147 KB
12 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
145 KB
11 turn.com
ad.turn.com
5 KB
10 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
10 KB
10 bidswitch.net
x.bidswitch.net
aws-fr-sync.bidswitch.net
3 KB
9 stat-rock.com
serving.stat-rock.com
98 KB
9 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
4 KB
9 cloudfront.net
d3r6ceqp4shltl.cloudfront.net
235 KB
8 ad-score.com
js.ad-score.com
data.ad-score.com
152 KB
8 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads-eu.v.ssp.yahoo.com
6 KB
8 springserve.com
vpaid.springserve.com
vid-io-cle.springserve.com
347 KB
8 yandex.ru
mc.yandex.ru
an.yandex.ru
229 KB
7 vidible.tv
acds.prod.vidible.tv
cdn-ssl.vidible.tv
trk.vidible.tv
111 KB
7 moe.video
moe.video
47 KB
7 flashtalking.com
servedby.flashtalking.com
cdn.flashtalking.com
d9.flashtalking.com
secure.flashtalking.com
39 KB
7 sportradarserving.com
eu.sportradarserving.com
a.sportradarserving.com
13 KB
7 adriver.ru
ad.adriver.ru
content.adriver.ru
33 KB
7 smartadserver.com
prg.smartadserver.com
itx4.smartadserver.com
rtb-csync.smartadserver.com
www8.smartadserver.com
8 KB
6 a-mo.net
prebid.a-mo.net
1 KB
6 google-analytics.com
www.google-analytics.com
97 KB
5 openx.net
viralize-d.openx.net
1 KB
5 yastatic.net
yastatic.net
296 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 onetag-sys.com
onetag-sys.com
3 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
4 vk.com
vk.com
login.vk.com
45 KB
4 adsafety.net
cm.adsafety.net
tags.adsafety.net
7 KB
4 polyfill.io
polyfill.io
1003 B
4 googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
306 KB
4 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
4 KB
4 com.ru
adx.com.ru
rtb.com.ru
1 KB
4 sascdn.com
ced-ns.sascdn.com
apps.sascdn.com
creatives.sascdn.com
12 KB
4 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
7 KB
3 tns-counter.ru
www.tns-counter.ru
1 KB
3 weborama.com
dx.frontend.weborama.com
932 B
3 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
2 KB
3 upravel.com
sync.upravel.com
15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c.sync.upravel.com
2 KB
3 bumlam.com
sync.bumlam.com
2 KB
3 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
3 lijit.com
ap.lijit.com
2 KB
3 richaudience.com
sync.richaudience.com
s.richaudience.com
2 KB
3 exelator.com
loada.exelator.com
loadm.exelator.com
3 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 optad360.io
cmp.optad360.io
get.optad360.io
565 KB
3 1rx.io
sync.1rx.io
623 B
3 sitescout.com
pixel-sync.sitescout.com
899 B
3 colossalcoat.com
colossalcoat.com
31 KB
2 betweendigital.com
ads.betweendigital.com
1 KB
2 otm-r.com
sync.dmp.otm-r.com
pub-eu.p.otm-r.com
421 B
2 whiteboxdigital.ru
mitdmp.whiteboxdigital.ru
e6c96af6-8b79-40d9-85b5-1615924ea2c0.mitdmp.whiteboxdigital.ru
2 KB
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 adhigh.net
px.adhigh.net
743 B
2 mradx.net
r.mradx.net
113 KB
2 seedr.com
stats.seedr.com
2 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 sonobi.com
sync.go.sonobi.com
1 KB
2 id5-sync.com
id5-sync.com
3 KB
2 googlesyndication.com
ade.googlesyndication.com
578 B
2 2mdn.net
gcdn.2mdn.net
r3---sn-4g5lznes.c.2mdn.net
2 MB
2 360yield.com
ice.360yield.com
672 B
2 tapad.com
pandg.tapad.com
pixel.tapad.com
1 KB
2 ravenjs.com
cdn.ravenjs.com
19 KB
2 feedad.com
tags.feedad.com
api.feedad.com
626 B
2 bidtheatre.com
match.adsby.bidtheatre.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
741 B
2 admedo.com
pool.admedo.com
714 B
2 simpli.fi
um.simpli.fi
1 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 mathtag.com
sync.mathtag.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 digitaltarget.ru
dmg.digitaltarget.ru
1 KB
2 aralego.com
ads.aralego.com
1 KB
2 rutarget.ru
clientside-video-bidder.rutarget.ru
moevideo-sync.rutarget.ru Failed
1 KB
2 4dex.io
script.4dex.io
22 KB
2 facebook.net
connect.facebook.net
69 KB
2 ask.fm
ask.fm
31 KB
1 weborama.fr
rd.frontend.weborama.fr
383 B
1 buzzoola.com
exchange.buzzoola.com
176 B
1 hybrid.ai
dm.hybrid.ai
238 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 semasio.net
uipglob.semasio.net
254 B
1 stackadapt.com
sync.srv.stackadapt.com
647 B
1 bnmla.com
match.bnmla.com
114 B
1 w55c.net
pm.w55c.net
904 B
1 brand-display.com
dmp.brand-display.com
253 B
1 adotmob.com
sync.adotmob.com
689 B
1 sharethrough.com
match.sharethrough.com
240 B
1 smartstream.tv
ads.smartstream.tv
823 B
1 indexww.com
js-sec.indexww.com
1 KB
1 playreplay.net
playreplay.net
332 B
1 thesame.tv
thesame.tv
332 B
1 playreplay.me
playreplay.me
332 B
1 pghub.io
pghub.io
2 KB
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
485 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 quantserve.com
pixel.quantserve.com
541 B
1 deepintent.com
match.deepintent.com Failed
44 B
1 ad4m.at
ad4m.at
974 B
1 erne.co
green.erne.co
327 B
1 adgrx.com
cm.adgrx.com
408 B
1 loopme.me
csync.loopme.me
217 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 connectad.io
i.connectad.io Failed
cdn.connectad.io
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 facebook.com
www.facebook.com
313 B
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 adsafeprotected.com
static.adsafeprotected.com
259 B
0 audrte.com Failed
a.audrte.com Failed
0 taboola.com Failed
trc.taboola.com Failed
668 125
Domain Requested by
50 cs.lkqd.net ad.lkqd.net
48 t.lkqd.net ad.lkqd.net
39 ads.viralize.tv ask.fm
static.viralize.tv
cdn.ravenjs.com
26 ad.mail.ru moevideo.biz
r.mradx.net
25 v.lkqd.net ad.lkqd.net
24 ib.adnxs.com 5 redirects get.optad360.io
vpaid.springserve.com
eu.sportradarserving.com
acdn.adnxs.com
20 ad.lkqd.net ask.fm
ad.lkqd.net
18 c.bannerflow.net cdn.flashtalking.com
c.bannerflow.net
ask.fm
18 mc.yandex.com 2 redirects ask.fm
mc.yandex.ru
16 simage2.pubmatic.com ads.pubmatic.com
14 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
sync.quantumdex.io
12 vpaid.pubmatic.com vpaid.springserve.com
blank
cdn.ravenjs.com
static.viralize.tv
11 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
11 moevideo.biz ask.fm
moevideo.biz
11 ad.turn.com 11 redirects
10 px.moatads.com eu.sportradarserving.com
ask.fm
10 ads.stickyadstv.com 3 redirects ask.fm
cdn.ravenjs.com
cdn.stickyadstv.com
vpaid.springserve.com
10 cm.g.doubleclick.net 9 redirects
9 serving.stat-rock.com get.optad360.io
9 x.bidswitch.net 9 redirects
9 d3r6ceqp4shltl.cloudfront.net ask.fm
d3r6ceqp4shltl.cloudfront.net
8 image2.pubmatic.com 1 redirects ads.pubmatic.com
7 moe.video moevideo.biz
7 data.ad-score.com js.ad-score.com
6 cdn01.nativeroll.tv moevideo.biz
cdn01.nativeroll.tv
6 an.yandex.ru ask.fm
an.yandex.ru
6 vid.pubmatic.com vpaid.pubmatic.com
6 ads.adaptv.advertising.com 1 redirects vpaid.springserve.com
ad.lkqd.net
6 prebid.a-mo.net get.optad360.io
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
moevideo.biz
cdn01.nativeroll.tv
5 trk.vidible.tv
5 viralize-d.openx.net 2 redirects cdn.ravenjs.com
5 cs-0.moevideo.biz moevideo.biz
5 yastatic.net an.yandex.ru
5 eu.sportradarserving.com 1 redirects ced-ns.sascdn.com
eu.sportradarserving.com
ask.fm
5 ups.analytics.yahoo.com 5 redirects
5 match.adsrvr.org 4 redirects ssum-sec.casalemedia.com
5 ad.adriver.ru ask.fm
content.adriver.ru
5 onetag-sys.com get.optad360.io
sync.quantumdex.io
5 adx.adform.net get.optad360.io
cdn.ravenjs.com
4 statsb.nativeroll.tv cdn01.nativeroll.tv
4 cdn02.nativeroll.tv cdn01.nativeroll.tv
4 am-0.moevideo.biz moevideo.biz
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 aktrack.pubmatic.com
4 vid-io-cle.springserve.com vpaid.springserve.com
4 polyfill.io static.viralize.tv
ask.fm
4 www8.smartadserver.com ask.fm
cdn.ravenjs.com
4 static.viralize.tv ask.fm
static.viralize.tv
4 c1.adform.net 2 redirects ads.pubmatic.com
4 cm.adform.net
4 vpaid.springserve.com ad.lkqd.net
4 cdn.viadata.store ask.fm
cdn.viadata.store
3 www.tns-counter.ru 1 redirects moevideo.biz
3 dx.frontend.weborama.com 2 redirects
3 sync.bumlam.com 2 redirects
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
sync.quantumdex.io
ssum-sec.casalemedia.com
3 cm.adsafety.net 2 redirects
3 ap.lijit.com 3 redirects
3 pixel.advertising.com 3 redirects
3 acdn.adnxs.com get.optad360.io
vpaid.springserve.com
3 secure.adnxs.com 1 redirects cdn.ravenjs.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 adx.com.ru 1 redirects ask.fm
3 logs.viadata.store
3 sync.1rx.io 3 redirects
3 a.vidoomy.com ask.fm
3 pixel-sync.sitescout.com 3 redirects
3 colossalcoat.com ask.fm
colossalcoat.com
2 creatives.sascdn.com static.viralize.tv
2 cdn.stickyadstv.com static.viralize.tv
cdn.stickyadstv.com
2 login.vk.com vk.com
2 vk.com ad.mail.ru
2 ads.betweendigital.com 2 redirects
2 sm.rtb.mts.ru 2 redirects
2 sync.upravel.com 2 redirects
2 sync3.adsniper.ru 2 redirects
2 px.adhigh.net 1 redirects
2 r.mradx.net ad.mail.ru
2 stats.seedr.com moevideo.biz
2 content.adriver.ru moevideo.biz
2 visitor.fiftyt.com 2 redirects
2 sync.go.sonobi.com sync.quantumdex.io
2 id5-sync.com 1 redirects sync.quantumdex.io
2 ade.googlesyndication.com
2 ssum.casalemedia.com 2 redirects
2 search.spotxchange.com cdn.ravenjs.com
2 s.richaudience.com cdn.ravenjs.com
2 ice.360yield.com cdn.ravenjs.com
2 imasdk.googleapis.com static.viralize.tv
2 ajax.googleapis.com static.viralize.tv
2 cdn.ravenjs.com static.viralize.tv
2 secure.flashtalking.com eu.sportradarserving.com
2 z.moatads.com cdn.flashtalking.com
cdn-ssl.vidible.tv
2 d9.flashtalking.com cdn.flashtalking.com
d9.flashtalking.com
2 servedby.flashtalking.com eu.sportradarserving.com
2 a.sportradarserving.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pool.admedo.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.search.spotxchange.com 1 redirects
2 dmg.digitaltarget.ru 1 redirects
2 ads.aralego.com ask.fm
2 rtb-msk-2.viadata.store ask.fm
2 clientside-video-bidder.rutarget.ru ask.fm
2 pl.viadata.store ask.fm
2 mug.criteo.com
2 script.4dex.io get.optad360.io
script.4dex.io
2 gum.criteo.com 1 redirects
2 viadata.store d3r6ceqp4shltl.cloudfront.net
ask.fm
2 get.optad360.io d3r6ceqp4shltl.cloudfront.net
get.optad360.io
2 connect.facebook.net d3r6ceqp4shltl.cloudfront.net
connect.facebook.net
2 mc.yandex.ru 1 redirects d3r6ceqp4shltl.cloudfront.net
2 ask.fm d3r6ceqp4shltl.cloudfront.net
1 ads-eu.v.ssp.yahoo.com
1 cdn-ssl.vidible.tv acds.prod.vidible.tv
1 acds.prod.vidible.tv ad.lkqd.net
1 pub-eu.p.otm-r.com moevideo.biz
1 simage4.pubmatic.com ads.pubmatic.com
1 rd.frontend.weborama.fr 1 redirects
1 rtb.com.ru
1 sync.dmp.otm-r.com
1 tech.rtb.mts.ru 1 redirects
1 15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c.sync.upravel.com 1 redirects
1 exchange.buzzoola.com 1 redirects
1 e6c96af6-8b79-40d9-85b5-1615924ea2c0.mitdmp.whiteboxdigital.ru 1 redirects
1 mitdmp.whiteboxdigital.ru 1 redirects
1 dm.hybrid.ai
1 sync.ipredictive.com 1 redirects
1 loadm.exelator.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 uipglob.semasio.net ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 pm.w55c.net 1 redirects
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 ms.quantumdex.io 1 redirects
1 match.sharethrough.com 1 redirects
1 tags.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 googleads4.g.doubleclick.net
1 cdn.connectad.io get.optad360.io
1 js-sec.indexww.com get.optad360.io
1 r3---sn-4g5lznes.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net serving.stat-rock.com
1 playreplay.net moevideo.biz
1 thesame.tv moevideo.biz
1 playreplay.me moevideo.biz
1 pixel.tapad.com pandg.tapad.com
1 pandg.tapad.com pghub.io
1 pghub.io ask.fm
1 sync.richaudience.com ask.fm
1 js.ad-score.com cdn.flashtalking.com
1 cdn.flashtalking.com servedby.flashtalking.com
1 api.feedad.com eu.sportradarserving.com
1 tags.feedad.com eu.sportradarserving.com
1 rtb-csync.smartadserver.com ask.fm
1 aws-fr-sync.bidswitch.net 1 redirects
1 itx4.smartadserver.com ask.fm
1 apps.sascdn.com ced-ns.sascdn.com
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
ssum-sec.casalemedia.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 ced-ns.sascdn.com ask.fm
1 stats.g.doubleclick.net www.google-analytics.com
1 useast.quantumdex.io get.optad360.io
1 prg.smartadserver.com get.optad360.io
1 htlb.casalemedia.com get.optad360.io
1 cdn.jsdelivr.net get.optad360.io
1 www.facebook.com
1 cmp.optad360.io d3r6ceqp4shltl.cloudfront.net
1 www.googletagmanager.com d3r6ceqp4shltl.cloudfront.net
1 static.adsafeprotected.com ask.fm
1 ads.vidoomy.com ask.fm
0 a.audrte.com Failed ads.pubmatic.com
0 moevideo-sync.rutarget.ru Failed
0 trc.taboola.com Failed ads.pubmatic.com
0 i.connectad.io Failed get.optad360.io
668 201
Subject Issuer Validity Valid
*.ask.fm
AlphaSSL CA - SHA256 - G2		 2020-07-30 -
2021-09-27		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
colossalcoat.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
ad.lkqd.net
R3		 2021-07-25 -
2021-10-23		 3 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
*.viadata.store
Sectigo RSA Domain Validation Secure Server CA		 2020-11-17 -
2021-11-27		 a year crt.sh
*.springserve.com
Amazon		 2021-04-30 -
2022-05-29		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.rutarget.ru
Thawte RSA CA 2018		 2021-05-17 -
2022-06-17		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2019-10-21 -
2021-11-18		 2 years crt.sh
*.moevideo.biz
AlphaSSL CA - SHA256 - G2		 2021-04-27 -
2022-05-29		 a year crt.sh
*.adx.com.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-05-04 -
2022-05-04		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
dmg.digitaltarget.ru
R3		 2021-08-17 -
2021-11-15		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.sportradarserving.com
Entrust Certification Authority - L1K		 2020-10-15 -
2021-10-15		 a year crt.sh
tags.feedad.com
GTS CA 1D4		 2021-08-29 -
2021-11-27		 3 months crt.sh
api.feedad.com
GTS CA 1D4		 2021-07-22 -
2021-10-20		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-04 -
2022-02-22		 a year crt.sh
cdn.flashtalking.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-02		 a year crt.sh
bs.yandex.ru
Yandex CA		 2021-05-31 -
2021-11-29		 6 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2021-07-19 -
2022-08-20		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2020-09-02 -
2021-10-04		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-09 -
2022-02-16		 a year crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
*.360yield.com
Amazon		 2021-07-29 -
2022-08-27		 a year crt.sh
*.playreplay.me
AlphaSSL CA - SHA256 - G2		 2021-02-11 -
2022-03-15		 a year crt.sh
*.thesame.tv
AlphaSSL CA - SHA256 - G2		 2021-06-09 -
2022-07-11		 a year crt.sh
*.playreplay.net
AlphaSSL CA - SHA256 - G2		 2020-10-01 -
2021-11-02		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
serving.stat-rock.com
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-08-17 -
2021-10-26		 2 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
*.adsafety.net
R3		 2021-07-12 -
2021-10-10		 3 months crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.moe.video
AlphaSSL CA - SHA256 - G2		 2021-01-15 -
2022-02-16		 a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
stats.seedr.ru
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.mradx.net
GeoTrust RSA CA 2018		 2021-07-23 -
2022-08-16		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
ltmse.com
R3		 2021-07-30 -
2021-10-28		 3 months crt.sh
*.bumlam.com
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
rtb.com.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-03-01 -
2022-03-07		 a year crt.sh
*.frontend.weborama.com
Go Daddy Secure Certificate Authority - G2		 2019-08-29 -
2021-10-27		 2 years crt.sh
cdn01.nativeroll.tv
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh
cdn02.nativeroll.tv
R3		 2021-09-04 -
2021-12-03		 3 months crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2020-11-10 -
2021-12-12		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
statsb.nativeroll.tv
R3		 2021-08-05 -
2021-11-03		 3 months crt.sh
*.p.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2022-02-06		 2 years crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
acds.prod.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-06-21 -
2021-12-15		 6 months crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-05-17 -
2021-11-10		 6 months crt.sh
trk.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-07-11 -
2022-01-05		 6 months crt.sh

This page contains 114 frames:

Primary Page: https://ask.fm/cactussupply519
Frame ID: 24BF4A037A8C4D0697A5676A8EDBB393
Requests: 129 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: F5CC2EBEBF0DD636DC4FACE612DA6061
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 681BA93FB4FF81F6E7E8FD92BF33D743
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 4629F15D2D3665400208FC4956A125A7
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B3B512E03CD02C10E97044602D7E7FC9
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9D253CFED91C34B232092496AD6229B3
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C19B835642C6447E99636CD6A2969B87
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6216EC0C819FEA1B18B3D8466804B50C
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: C9C1F970984F62FE8D527521D3714119
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 992A74714D3AA082FEE75B21080F3BE3
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 62AD36E9A7788E5CF369B9510B9D6244
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_44854a27.js
Frame ID: 805C2FD26F168C0B27623CE15299ACAF
Requests: 6 HTTP requests in this frame

Frame: https://cdn.viadata.store/js/player/210830.js
Frame ID: FA401761651997ED87E781DC77B354DF
Requests: 22 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: C7125A5A6732FEE36D9ED2ACA4DAAD5E
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278441107,,
Frame ID: 23D8F381A5275ACC1AD1295215A6A79E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C98E87845347491AFEE569BAAD046305
Requests: 23 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
Frame ID: 518E0A982B86EA1ACD9DA0991DA6E3AA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5682155580754221045
Frame ID: 1BB0C6354A0B71A5AA004D3569735A62
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 17A2FEBEC2700261BFA7EE42B1289A5E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006287554795206796
Frame ID: 20524C00EE332AC7BF9BFBA8713BBA3E
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 91DC515FE379AC8EEE8AA0F6B139E8EA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: C34408E36C16BEEB235D588B88079D73
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 7A2EE7F576F1947E0C37D9A5CEED65DB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 61463A5E47F2FF9A12A377F3835E1637
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lVmvfVRNQgYj0aC6bZu6XdXG
Frame ID: 2126F80D314B1930A9F5E0BC7B70DC00
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 19207ED49BC3056990AC394CD932AD1F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EA22FAB21244465AF5B86EBC975B307C
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Frame ID: AE74648859BE6F409AE3D95820FCDB88
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: CBC0BA391E0F040C29282199D772FE31
Requests: 1 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22460599969362581564%22%2c%22adomain%22%3a%22betway.de%22%2c%22page%22%3a%221438277%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%22409_19638%22%2c%22dsp%22%3a%2231%22%2c%22buyer%22%3a%22137327%22%2c%22cid%22%3a%221347%22%2c%22adid%22%3a%22409_19638%22%2c%22hash%22%3a%224099429373733943189%22%7d
Frame ID: 258DDB3B3711A1A187C8EE4EA743F089
Requests: 1 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Frame ID: 6C43F3A8F445B523817A5EFBF91E6493
Requests: 35 HTTP requests in this frame

Frame: https://itx4.smartadserver.com/h/aip?uii=460599969362602883&tmstp=6146143137&ckid=7913875953512040140&pubid=23&systgt=%24qc%3d1313506140%3b%24ql%3dUnknown%3b%24qpc%3d76726%3b%24qt%3d25_1767_24818t%3b%24dma%3d0%3b%24b%3d16890%3b%24o%3d11100&acd=1631278441335&envtype=0&opid=1afba946-e41e-466d-a03c-549a8af918f5&opdt=1631278441335&siteid=259837&tgt=%24dt%3d1t&gdpr=0&visit=S&statid=3&imptype=0&pgDomain=https%3a%2f%2fask.fm%2fcactussupply519&cappid=7913875953512040140&capp=1&mcrdbt=1&insid=10104881&imgid=0&pgid=1438277&fmtid=89189&isLazy=0&rtb=1&rtbnid=2079&rtbbid=460599969362581564&rtbh=b07bfcb32615cdaa86242cf6db1146427876c4e0&rtblt=637668752413389672&rtbet=0&rtbptnid=31&cftgid=d878bfc715be
Frame ID: ED57BD6835B10F046ED74A7B8E479BE8
Requests: 2 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Frame ID: F15C4FF67C5D6034FDCC480DE658543D
Requests: 1 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.9026482f.js
Frame ID: FA80D32AA0DEC225BBACEC8D10912A91
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Frame ID: 1515870E70460950DF846F3C64167813
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: D13B239177C58822F866C1FDCF176C48
Requests: 37 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fask.fm%2Fcactussupply519&owner=P%26G&bp_id=showheroes&data=%7B%7D
Frame ID: 648F83247EC471E5BDBCCB0EA3F36C92
Requests: 2 HTTP requests in this frame

Frame: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Frame ID: DB5C3FCDCB81FF3EDC92819056C9CA3D
Requests: 42 HTTP requests in this frame

Frame: data://truncated
Frame ID: 513E89DD10652A4F3D6A8DA802177DFF
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 413D42170668E0BC0283D0078D8BA399
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 912CB26ADC50614EEE39EA339DE3733E
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 8D329E1454FC2778B678E003C7610D6E
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Fe56741f2-e1b9-4438-b2ab-ed263b2e70c2.png&w=104&h=90&q=90&f=webp&rt=contain
Frame ID: BE16490774469F7D57F0A37989D0A26D
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Ffa473745-880c-42d3-9470-5aed7b5ae848.png&w=130&h=135&q=90&f=webp&rt=contain
Frame ID: 5B7F02CF4B2961A0F4DD6B0B9BDBD6FD
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: B9F3A2CAA6B352AC7FBA5AC289E21E9C
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 28275786DA0A7119D8D00237222C377E
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1631278441331
Frame ID: 992AF5969591776649759DEDE678A87A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1631278444214
Frame ID: 580F96A7297F201CD3F89F978AB4F241
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 21839BA54ACA87E3A08BA5F102D36E78
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8CD3DF483D21794BA4F7E891281F2F7E
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4850FE0EA6EED9786E359D3826748350
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E9166F000E2F955854D3F4A8E8698D04
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 9B0E04B221257C1A21A449881F58BA20
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2C78AD57A16FDD0720508DB5391D1727
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_44854a27.js
Frame ID: 6BD93E89CE88FAF63D8913B55B8EAFC8
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F905A15EC71A2392ED570362A62FFC3A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 39A7253F5255691CD040E60A46C7E3DA
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: E27FC7C927D90F9ED7397D7CC7874856
Requests: 8 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 6F7B84F95EA8BBDAD7DF5A76EC66AC4C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: C7FBAF2DB041FB96C0AF97253A93D027
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:W6couTJp1MoG2D5&gdpr=0&gdpr_consent=
Frame ID: 4EDAC86514DAFC2C83182CFED7E9227B
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: CF857D26F0FCEE219C41B03E7C514249
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:86E2B97FD4BE4D80BA4F5649A31717F8
Frame ID: EAE1513C0F433C8894392EF5289EB872
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0O7K_XN1RgZyFzgtinfBulvHdks
Frame ID: 9BF9DD14F65675C6E6463FCC86C786DA
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
Frame ID: 57035D8FF180C6E36AF9231F950930D6
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278444731,,
Frame ID: 889A1B015857CB64C6F68071B86E454D
Requests: 3 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: B885352589CFA61E2C5512D4C4147217
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CE2206516565CE43D347704787D8C12E
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 6DC19CC8F132C7994BBFCA2B8C6BB2AD
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 2DB6C6901690EDBD9B6C8A6E8E5D782A
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 76A194B4F4F020AB5C85CC7D44123271
Requests: 1 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Frame ID: 5D2B4231AE7A99AB65F59F6C2BA853ED
Requests: 2 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: 1544C53778007B01F641940B0611AA10
Requests: 3 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: 7CCDF4AB9B7BFD5671244E7FDBE56036
Requests: 5 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Frame ID: 3F68DC208CE23A2DE6D9AEE3C19B486F
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: BAEE117CC39E68346305982A6CEAC26A
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 635C09B4B7FFAAE3CCD9BD0D6F1A78F3
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 45CA95E27B33F94696BA583B2D0C6FD7
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: C9CD5957D88F41780CD1FE5A7D4CD848
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: E33CC59F95BC765D67722D9C52322A26
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E7773E6CC37814A4B2A6D77C50A37EF0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 222E0E1B0A2F97AB24C554836AAA753F
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 21762E512EDC3E3B90901A5B80896ED7
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: E10A0B4DC33BFD5AF2B712B2A9039B85
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2F5899CF3D69DE9E3558912562A8E8BD
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_44854a27.js
Frame ID: EB63CA3007995AFC032D627AB7E14A41
Requests: 9 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662274&adId=2645911&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278442
Frame ID: D4E40A69500E01E063800BF769E98EA6
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8D418D1AC66299A48720D173C384EA01
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278449011,,
Frame ID: 76EEECB07F9BE6EFDB3D0C48C7BEEFF6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 16D7997CBE9F60589E0BAE396CF70C83
Requests: 1 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Frame ID: 1E7945CBD259B723465C3B72D9891F53
Requests: 2 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Frame ID: E69829E38082E6518A2FFDE294A36037
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: D93E310D8748D253BC4F9E671D1A94E9
Requests: 34 HTTP requests in this frame

Frame: https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Frame ID: FAA07648751EFD8A7B80B33AB60DF183
Requests: 24 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1250061&orgId=22762&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fask.fm%2Fcactussupply519&vrid=2042dea4-179a-4226-a360-f4708e3c8eb0&pblob=
Frame ID: 3E2AF944D295FBA4D6B2F1E5730DA9DF
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718975&adId=2944651&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278450
Frame ID: 8DEC1412077E6BF6B1258951EA8709D6
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1FD0D2757F31CB0FCFECFBCB7FC66E4D
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 3AE4652C83B7576F9D142186584349EA
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: DDFD8CF5897D36D80E2D1B8885D5573E
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 685545676B5629829986B707B6D96BAE
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_44854a27.js
Frame ID: D40C7341040E506F3840AE590F21A610
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2B15526AF60866EC19D41D24D9303EE8
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278452737,,
Frame ID: 8FB76158523FE63FA7BDEAC34F21A485
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FBB5CB45950D58C29B460D60DECB1698
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 4967881E65C85C188FDA1144402269E9
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: DF17E801952559D1DE0423543E0F357F
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 4E18D9F19E191394D192596A6F6397C5
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: 85D671C8025F5907F0822A63D7E77206
Requests: 3 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Frame ID: EF7D272944F717CE13BBFDD190F7CF2E
Requests: 2 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: 5A87C6912454F63662D76BEB453CDB7D
Requests: 5 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Frame ID: 135F4F19059932D575976410297A2427
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A5A4DA281EB7C3C2A55547A7DC333328
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: FDF44B2938476984F5C804F72AA61D57
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 25A9D29859469EA1F07E6597D0F851E0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

lawsonspencer198 (@cactussupply519) – Frag mich alles | ASKfm

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

668
Requests

98 %
HTTPS

24 %
IPv6

125
Domains

201
Subdomains

142
IPs

13
Countries

9037 kB
Transfer

21170 kB
Size

225
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9392.BiXJlHBhRbbsX_ln3npJHoOKXw-rypditQ9r3zrN4391VIeSLIGTJEhMi4eu8TN7.18lzkV7f6RGt4BXELzKxssPETMs%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9392.DRlVQv2tvCcoYuAYqLgD9MGYlu0MvEs1YxuYlb54kz8Vq2DNxEwLG7rD77JXV5vwNnkPycrcYvxhMnnZP4OaOA%2C%2C.25mvJuJxrfBT20Kgvo0958xQAN0%2C
Request Chain 15
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 16
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=657889062.5505611737352216.5677637 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=657889062.5505611737352216.5677637 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=d9baeb63-b8bf-4e5e-80a1-f874d429193b&google_hm=ZDliYWViNjMtYjhiZi00ZTVlLTgwYTEtZjg3NGQ0MjkxOTNi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=d9baeb63-b8bf-4e5e-80a1-f874d429193b&google_hm=ZDliYWViNjMtYjhiZi00ZTVlLTgwYTEtZjg3NGQ0MjkxOTNi&google_tc= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECkLSF2jKMJng_ZpvSvQjck&google_cver=1&ssp=vidoomy&bsw_param=d9baeb63-b8bf-4e5e-80a1-f874d429193b HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=d9baeb63-b8bf-4e5e-80a1-f874d429193b
Request Chain 17
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=OPTOUT
Request Chain 23
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A843%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A604330922601%3Ahid%3A668703111%3Az%3A0%3Ai%3A202109010125400%3Aet%3A1631278440%3Ac%3A1%3Arn%3A750739641%3Arqn%3A1%3Au%3A1631278440708263106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631278439185%3Ads%3A8%2C311%2C184%2C95%2C0%2C0%2C%2C162%2C126%2C%2C%2C%2C675%3Adsn%3A7%2C311%2C185%2C94%2C%2C0%2C%2C77%2C127%2C%2C%2C%2C675%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631278440%3At%3Alawsonspencer198%20(%40cactussupply519)%20%E2%80%93%20Frag%20mich%20alles%20%7C%20ASKfm HTTP 302
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A843%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A604330922601%3Ahid%3A668703111%3Az%3A0%3Ai%3A202109010125400%3Aet%3A1631278440%3Ac%3A1%3Arn%3A750739641%3Arqn%3A1%3Au%3A1631278440708263106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631278439185%3Ads%3A8%2C311%2C184%2C95%2C0%2C0%2C%2C162%2C126%2C%2C%2C%2C675%3Adsn%3A7%2C311%2C185%2C94%2C%2C0%2C%2C77%2C127%2C%2C%2C%2C675%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631278440%3At%3Alawsonspencer198%20%28%40cactussupply519%29%20%E2%80%93%20Frag%20mich%20alles%20%7C%20ASKfm
Request Chain 28
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3630766151571695329
Request Chain 33
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Request Chain 50
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Request Chain 74
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pc4cWHxqTkFnc05lcXhwTHdqbzJTMW5RendFWWw2STJXQ1ZZbVByMFkxRHI5ejQ3L0tsNmlkZUM2V3h0T25uNjJhTUdEVTIzNjZTM3B5STI1dW1vemt3V3JIS2o5NHJaOCtweXBnZFh1YmQwcDVPZGxUbFU5dklMREtiUVZBYXFSdEpnbWdwWVk1VzhNOHBWYWdOOFdGaUIzcGlmU3JORVhFTkxNWjBjUDR1RlVQUVR6WnZPS1ZlVmg0N2hKbmtwUVZva3hocmkyM3hXNVJtSitmNDZzNWJYMFdFZnhYUXZLSEFxZFlTSzIwczNtNFpVPXw&cppv=2
Request Chain 111
  • https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fask.fm%2Fcactussupply519&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&cbb=1278441736 HTTP 302
  • https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Fcactussupply519&rolltype=content-roll&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&vpaid=false
Request Chain 113
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=47a31a07-2c26-495d-9ada-39ecbe8d680e&i=1631278441 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=47a31a07-2c26-495d-9ada-39ecbe8d680e&i=1631278441
Request Chain 115
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&__user_check__=1&sync_id=2c087c05-1236-11ec-93d6-1bf9ad920106
Request Chain 120
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CC146F8A-A2DF-4195-B4B5-D84003A697D4 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
Request Chain 121
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5682155580754221045
Request Chain 123
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006287554795206796
Request Chain 124
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBTnVFN0NkcXNBQUhqYXVTbWtyQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 125
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 126
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 128
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lVmvfVRNQgYj0aC6bZu6XdXG
Request Chain 130
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 133
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zBRviqLfQZW0tdhAA6aX1A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 134
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dd5613b-5569-4400-ac7a-833d3c1373c2
Request Chain 135
  • https://pixel.onaudience.com/?partner=214&mapped=CC146F8A-A2DF-4195-B4B5-D84003A697D4 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=661c39e90b0106cb1eccd656ed47cb80
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0MxNDZGOEEtQTJERi00MTk1LUI0QjUtRDg0MDAzQTY5N0Q0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO51ZGjfYrPEJbupjfhZHSg&google_cver=1
Request Chain 139
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7339593317579984733
Request Chain 140
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:981f613b-5569-4400-b0a4-0801701c12bf&gdpr=0&gdpr_consent=
Request Chain 141
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41ea13fe-0ad5-4532-a924-7a4ded1cc58a
Request Chain 142
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=79558216986088634&gdpr=0&gdpr_consent=
Request Chain 143
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Gzp.DJ1E2uUiGoQ4jZfzdP5LC13jFzk-~A&gdpr=0&gdpr_consent=
Request Chain 145
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2
Request Chain 146
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d9baeb63-b8bf-4e5e-80a1-f874d429193b HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d9baeb63-b8bf-4e5e-80a1-f874d429193b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=236f4cbe-0aaa-42c8-a3f5-8abcc8e2c2fe&user_group=1&ssp=pubmatic&bsw_param=d9baeb63-b8bf-4e5e-80a1-f874d429193b HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d9baeb63-b8bf-4e5e-80a1-f874d429193b&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 147
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YTtVagAAAmZurQA6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTtVagAAAmZurQA6&gdpr=0&gdpr_consent=&_test=YTtVagAAAmZurQA6
Request Chain 148
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7665991417695659745&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 150
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 151
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5fd069ab-2ce8-43cf-ba14-78fb7c6cedfe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 152
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=79558216986088634
Request Chain 153
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_11738dd5-e334-48db-acfc-6d0d273aa84d
Request Chain 155
  • https://eu.sportradarserving.com/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/ HTTP 302
  • https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Request Chain 157
  • https://aws-fr-sync.bidswitch.net/sync?ssp=smartadserver&dsp_id=409&imp=1 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=daee4435-3cac-4044-90f3-a4ff574d6235&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=d9baeb63-b8bf-4e5e-80a1-f874d429193b&gdpr=&gdpr_consent=
Request Chain 159
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=365aa3fc-bdd0-4286-a8dd-fb9f6e3f9fee HTTP 302
  • https://ib.adnxs.com/setuid?entity=388&code=d9baeb63-b8bf-4e5e-80a1-f874d429193b
Request Chain 176
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d5da3dddbeac10ccacfb4cf2f9574b1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g098_7006287559060276834 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZDVkYTNkZGRiZWFjMTBjY2FjZmI0Y2YyZjk1NzRiMQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJeZ0pWiNkxAow2z-XDBUAc&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=41ea13fe-0ad5-4532-a924-7a4ded1cc58a HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/d5da3dddbeac10ccacfb4cf2f9574b1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-aSlYOchE2oP7KmKlUrr5.0kCjzyNlxaIPNz2F9lx~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=79558216986088634 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=5dd5613b-5569-4400-ac7a-833d3c1373c2&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=W6couTJp1MoG2D5&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAANuE7CdqsAAHjauSmkrA&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YTtVagAAAmZurQA6&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Request Chain 213
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=21e2c742-253f-44e5-bb00-c0014c2404bf&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=41ea13fe-0ad5-4532-a924-7a4ded1cc58a&ttd_puid=21e2c742-253f-44e5-bb00-c0014c2404bf
Request Chain 249
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Request Chain 290
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Request Chain 292
  • https://gcdn.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662814444/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/408CB409FCA880384615EF219DFF68A685F62926.40E934E2500810EEA9E58601DF4C3DF074510F5F/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662814444/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A3111254F694F242F79D52E9145F1355092B4F2.65AF1A2EC5C8C73A1859209CF75964D3FC367FE8/key/cms1/cms_redirect/yes/mh/Tu/mip/2a0f:9441:5:0:e7::1/mm/42/mn/sn-4g5lznes/ms/onc/mt/1631277984/mv/u/mvi/3/pl/48/file/file.mp4
Request Chain 301
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=pubmatic&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
Request Chain 302
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=8585b578-8fb9-43cd-ba83-4d1240d10b4f HTTP 302
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=8585b578-8fb9-43cd-ba83-4d1240d10b4f&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=8585b578-8fb9-43cd-ba83-4d1240d10b4f&apid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98 HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98&gdpr=0&gdpr_consent=
Request Chain 303
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=appnexus&uid=79558216986088634
Request Chain 304
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=sovrn&uid=20ded1ad0a4ebf521902437d
Request Chain 305
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=index_rtb&uid=YTtVbOjN.jM4EEKfh0Zp3QAA%261173
Request Chain 312
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adform&ssp_user_id=d9baeb63-b8bf-4e5e-80a1-f874d429193b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=180896394&expires=5&ssp=adform HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d9baeb63-b8bf-4e5e-80a1-f874d429193b&adform_v=1
Request Chain 313
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=79558216986088634
Request Chain 314
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=5fd069ab-2ce8-43cf-ba14-78fb7c6cedfe
Request Chain 316
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhj1l86BASABMAE&v=APEucNULsNOMp16uphWUVVhu7lRg-Wvu-DvBgpOEc3X4HiLmsGOkwK9tnpXO3jZi7Sj_DQnR8_-cXnhBCLhylf6mMPOJeHnZH5CINDxBou9akXh_cVVzzx0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESECaE8iQXIwxrZfyccA7gCCw&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESECaE8iQXIwxrZfyccA7gCCw&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=3bfbe5e470cd903478c794471556b2b9&uid=3bfbe5e470cd903478c794471556b2b9&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ttdx&idt=100&did=41ea13fe-0ad5-4532-a924-7a4ded1cc58a HTTP 302
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12021091012f0f451a7d65b61b7b14&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Ddefault%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=3bfbe5e470cd903478c794471556b2b9
Request Chain 328
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=79558216986088634
Request Chain 329
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT
Request Chain 330
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98
Request Chain 331
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 333
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=46c81401-87b4-446f-8acb-a6d19d6802e2
Request Chain 334
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6d0a5a0d-e7fa-4c28-809c-918f2e0fa7b2
Request Chain 335
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=79558216986088634
Request Chain 336
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=20ded1ad0a4ebf521902437d
Request Chain 337
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HgBxBZlE2uGL_Wpw3koGMArz5aYB66MxTxgTonI-~A
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTtVbOjN-jM4EEKfh0Zp3QAABJUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfk1fqXGTFQHnIXJ7XiLCc&google_cver=1
Request Chain 348
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YTtVbOjN.jM4EEKfh0Zp3QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN-Gs9HvgVhtihG7Ppq170c&google_cver=1&gdpr=1&google_hm=2
Request Chain 349
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTtVbOjN-jM4EEKfh0Zp3QAABJUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTtVbOjN-jM4EEKfh0Zp3QAABJUAAAAB&dcc=t
Request Chain 351
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1633870445
Request Chain 352
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06b12204021570d529829543&expiration=[EXPIRATION]&gdpr=1
Request Chain 355
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:W6couTJp1MoG2D5&gdpr=0&gdpr_consent=
Request Chain 357
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:86E2B97FD4BE4D80BA4F5649A31717F8
Request Chain 358
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0O7K_XN1RgZyFzgtinfBulvHdks
Request Chain 360
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&addseg=19,36,42
Request Chain 364
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2e2bd096-1236-11ec-a321-f1a78009e55e&gdpr=0&gdpr_consent=
Request Chain 393
  • https://px.adhigh.net/p/cm/moevideo?u=2aeac8bf8f14ce5af194 HTTP 302
  • https://px.adhigh.net/p/cm/moevideo?u=2aeac8bf8f14ce5af194&bounced=1
Request Chain 394
  • https://sync.bumlam.com/?src=moe2&uid=2aeac8bf8f14ce5af194 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjuqu2JBlIFst3qqQtiFDJhZWFjOGJmOGYxNGNlNWFmMTk0 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjuqu2JBlIFst3qqQtiFDJhZWFjOGJmOGYxNGNlNWFmMTk0ogEQLrNGkhI2Eeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQABjuqu2JBmIUMmFlYWM4YmY4ZjE0Y2U1YWYxOTSiARAus0aSEjYR7KbpACWQyCQ3 HTTP 302
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQARjuqu2JBmIUMmFlYWM4YmY4ZjE0Y2U1YWYxOTSiARAus0aSEjYR7KbpACWQyCQ3
Request Chain 395
  • https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=2aeac8bf8f14ce5af194&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D HTTP 302
  • https://e6c96af6-8b79-40d9-85b5-1615924ea2c0.mitdmp.whiteboxdigital.ru/redirect?miid=e6c96af6-8b79-40d9-85b5-1615924ea2c0&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3De6c96af6-8b79-40d9-85b5-1615924ea2c0 HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=51&b=e6c96af6-8b79-40d9-85b5-1615924ea2c0
Request Chain 397
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D HTTP 301
  • https://cs-0.moevideo.biz/ssp/cs?d=81&b=2bf19cf1-ed14-4464-721c-ad05ae1b550f
Request Chain 398
  • https://sync.upravel.com/moevideo/sync HTTP 302
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
  • https://15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=91&b=15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c
Request Chain 399
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=2aeac8bf8f14ce5af194 HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=moevideo&exu=2aeac8bf8f14ce5af194 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=099d58ff-a7f6-4cef-9e3c-021ce931df67&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FCZ1Y_6f2TO-ePAIc6THfZw%3Fsign%3D44827410 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/CZ1Y_6f2TO-ePAIc6THfZw?sign=44827410
Request Chain 402
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=161&b=7664a743-0bda-51fd-a287-975ec3bcc230
Request Chain 403
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/embed/vpaid%3Ftoken%3DiwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%252BYcsHH4Y%252FOw%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fcactussupply519%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1707 HTTP 302
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DiwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%252BYcsHH4Y%252FOw%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fcactussupply519%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1707&bounce=1&random=63704657 HTTP 302
  • https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D HTTP 302
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=8N7vJ53ysfXw
Request Chain 414
  • https://www.tns-counter.ru/V13a****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/806562477 HTTP 302
  • https://www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/806562477
Request Chain 427
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Request Chain 456
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Request Chain 468
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Request Chain 471
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDVkYTNkZGRiZWFjMTBjY2FjZmI0Y2YyZjk1NzRiMQ==&gdpr=0&gdpr_consent=
Request Chain 472
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=d5da3dddbeac10ccacfb4cf2f9574b1&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 481
  • https://viralize-d.openx.net/v/1.0/av?auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzQ1NjZjOWItMTkyYi02YTkwLTQwMTktMzA0YWJkYmZhYjlk
Request Chain 491
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Request Chain 492
  • https://viralize-d.openx.net/v/1.0/av?auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Request Chain 493
  • https://viralize-d.openx.net/v/1.0/av?auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Request Chain 519
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4 HTTP 302
  • https://a.audrte.com/p
Request Chain 570
  • https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=300920122&gdpr=0&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=400 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=300920122&gdpr=0&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=400&a.y_rid=9eee7290-bcbc-4c94-9f40-953e13de3227&a.is_yahoo=3&redirect_y=dHM9MTYzMTI3ODQ1MTI0MC4yOTkwNzI6YXBpZD1VUDJkY2I2MWFmLTEyMzYtMTFlYy1hMjUzLTAyYmZkZjRkZGM5ODpyZXF1ZXN0X2lkPTllZWU3MjkwLWJjYmMtNGM5NC05ZjQwLTk1M2UxM2RlMzIyNw==
Request Chain 613
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Request Chain 677
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745

668 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set cactussupply519
ask.fm/ 		16 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.144 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
08d5b53b3ae882a846e5c1ca4d5f62b8ac5acdd8ffdffa848d98512fcb3b3196
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ask.fm
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Status
200 OK
Cache-Control
max-age=0, private, must-revalidate
ETag
W/"08d5b53b3ae882a846e5c1ca4d5f62b8"
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Date
Fri, 10 Sep 2021 12:53:59 GMT
Set-Cookie
locale=de; path=/; expires=Sat, 10 Sep 2022 18:53:59 GMT uuid=6783b323-c38d-42eb-8edb-4cb5e3136798; path=/; expires=Sat, 10 Sep 2022 18:53:59 GMT; secure; HttpOnly country=DE; path=/; expires=Sat, 10 Sep 2022 18:53:59 GMT traffic_source=organic; path=/; expires=Sun, 12 Sep 2021 12:53:59 GMT _m_ask_fm_session=REYyaVBHYWxMeklOck92Y0FaRVQ2RTArdnhKQlFMUmZSUzd5RjJ1ZVczRFdzbHNrSTlUOTJPSXZvUVJoRmprakp1UFQ4Z0l2d014emhodUlWemZzVDVWRXBPNmExbzQrVDA5WXl0aHhZVWpIRzdoeTJ0SUFsN044MlQySkNqNU4wYWlwRlNBai9zOWI4NkdkNnZSUXBzVWxwcEtQUG1PRjd5Y3VoZWpNWkJka08xaVBzQTMvNEFha0d4ZklUaUppdExmSjdIejZ2OU5Zek5pU0NBclRMYUlJRUIvWEhQR0dpaXlZbUhRUjdvSDFTNnY1N2hzWENtcDhnWS82aDZtQi0tWG01RGhrT3NHSHpNV1dvb1llRlo0dz09--ae9902298a4913424ec540101a4a8fba2c8c0b66; path=/; expires=Mon, 13 Sep 2021 12:53:59 GMT; secure; HttpOnly
Server
Ask.FM Web Service
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
d3r6ceqp4shltl.cloudfront.net/assets/ 		184 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
64287b4c9a2645226cada97f6bbacf523f0a96db01c234df59b58c8b1e8367fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:08 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1191
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Fri, 10 Sep 2021 12:31:16 GMT
server
Ask.FM Web Service
etag
W/"613b5014-2e006"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
via
1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
_R0xBzt8sqwUrZAMhB8TeWuzXeEfD8eqLOKbQqHBt0luMWsDidQD4g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
d3r6ceqp4shltl.cloudfront.net/assets/ 		217 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
67eab82c51941ed21bedc57e9863fadaa5dbe7594a0768fb4fc1ccc77691ce24
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:08 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1191
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Fri, 10 Sep 2021 12:31:22 GMT
server
Ask.FM Web Service
etag
W/"613b501a-363ac"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
2XO0ii-t_QHwCO-45DBumrqcbB0dTJlzCLsvDeMRMOXMWac44v3UlQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
askfm_4249.js
ads.vidoomy.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/askfm_4249.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
7cb4560c15852d4f239dbe2b2fb095b3e1dcd15086b7a4307d42ae1e6c20c139

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:00 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5794
profile-bg-bd6c6912245d513b087eddf0b268eca826c3be96b1226c923a8dee770316ccee.png
d3r6ceqp4shltl.cloudfront.net/assets/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/profile-bg-bd6c6912245d513b087eddf0b268eca826c3be96b1226c923a8dee770316ccee.png
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:23 GMT
via
1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront)
age
1176
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
24239
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-5eaf"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
wzFU3pYLDajXXGG5medZTlXou04NvtnBA1oI-NpN3B6SoONuqRhAeA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
colossalcoat.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
3d626c254ca862e8374be3cc114261548526669da9eb4870fc69dee90e38ede8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"7796c0b3069549379f0bb7e2e12b057a0e4c4c779190a66b7178ee145e3c6d43"
vary
Accept-Encoding, Accept-Language
x-hostname
0f8346e1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Fri, 10 Sep 2021 12:53:59 GMT
timing-allow-origin
*
tag.js
mc.yandex.ru/metrika/ 		224 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
br
last-modified
Wed, 08 Sep 2021 16:07:49 GMT
etag
"61372b26-11d31"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73009
expires
Fri, 10 Sep 2021 13:54:00 GMT
noAvatar-2325eb51f8abe4e4678a25b16cb32a5399e84d9e82b5bc7efcc0b623c2aa12ec.png
d3r6ceqp4shltl.cloudfront.net/assets/ 		956 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-2325eb51f8abe4e4678a25b16cb32a5399e84d9e82b5bc7efcc0b623c2aa12ec.png
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront)
age
1190
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
956
last-modified
Tue, 10 Aug 2021 11:06:54 GMT
server
Ask.FM Web Service
etag
"61125dce-3bc"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
sce_7NhO-6shjG0IBxlQ7nS2Ghsc9PYZkJWDqKG2XFtAzwes-jBu1w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
age
1190
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
17880
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-45d8"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
IE3xctRF8rElBZgRYUAFvZD1uxKnIQwtmwkH_Z4ZL_MYHNqZq7lIGg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
age
1190
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
25400
last-modified
Fri, 10 Sep 2021 12:31:22 GMT
server
Ask.FM Web Service
etag
"613b501a-6338"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
IY8VWWx_49nl5_lOWwP1olQcJ3p2nRKo0Pqy3HJDIFkQvpgg9OuOGQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-17d6102ab96d43b12cd76221dfb4655761cb0628d4e94725072fa93ae0242472.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
age
1190
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
52204
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-cbec"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
5qzng1s4-AqEbK_O7UaEQA6rq-c9ruNj7ZuyHeGFQ3Aw2sWj5Oegeg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-222.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
16115137
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9392.BiXJlHBhRbbsX_ln3npJHoOKXw-rypditQ9r3zrN4391VIeSLIGTJEhMi4eu8TN7.18lzkV7f6RGt4BXELzKxssPETMs%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9392.DRlVQv2tvCcoYuAYqLgD9MGYlu0MvEs1YxuYlb54kz8Vq2DNxEwLG7rD77JXV5vwNnkPycrcYvxhMnnZP4OaOA%2C%2C.25mvJuJxrfBT20Kgvo0958xQAN0%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9392.DRlVQv2tvCcoYuAYqLgD9MGYlu0MvEs1YxuYlb54kz8Vq2DNxEwLG7rD77JXV5vwNnkPycrcYvxhMnnZP4OaOA%2C%2C.25mvJuJxrfBT20Kgvo0958xQAN0%2C
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9392.DRlVQv2tvCcoYuAYqLgD9MGYlu0MvEs1YxuYlb54kz8Vq2DNxEwLG7rD77JXV5vwNnkPycrcYvxhMnnZP4OaOA%2C%2C.25mvJuJxrfBT20Kgvo0958xQAN0%2C
date
Fri, 10 Sep 2021 12:54:00 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
last-modified
Wed, 08 Sep 2021 16:07:49 GMT
etag
"61372b26-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 13:54:00 GMT
formats.js
ad.lkqd.net/vpaid/ Frame F5CC 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1631278440.cds142.fr8.hn,1631278440.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 681B 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1631278440.cds142.fr8.hn,1631278440.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame 4629
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method
GET
:authority
a.vidoomy.com
:scheme
https
:path
/api/rtbserver/cookie?i=CEN&uid=no-consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
vidoomy-uids=eyJ1aWRzIjp7IlVOIjp7InVpZCI6Ik9QVE9VVCIsImV4cGlyZXMiOjE2MzM4NzA0NDB9fX0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-type
image/gif
content-length
43
content-encoding
none
set-cookie
vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzMzg3MDQ0MH0sIlVOIjp7InVpZCI6Ik9QVE9VVCIsImV4cGlyZXMiOjE2MzM4NzA0NDB9fX0=; Path=/; Domain=vidoomy.com; Expires=Sat, 10 Sep 2022 12:54:00 GMT; Secure; SameSite=None
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Fri, 10 Sep 2021 12:54:00 GMT
server
AC1.1
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=657889062.5505611737352216.5677637
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=657889062.5505611737352216.5677637
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=d9baeb63-b8bf-4e5e-80a1-f874d429193b&google_hm=ZDliYWViNjMtYjhiZi00ZTVlLTgwYTEtZjg3NGQ0MjkxOTNi
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=d9baeb63-b8bf-4e5e-80a1-f874d429193b&google_hm=ZDliYWViNjMtYjhiZi00ZTVlLTgwYTEtZjg3NGQ0MjkxOT...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECkLSF2jKMJng_ZpvSvQjck&google_cver=1&ssp=vidoomy&bsw_param=d9baeb63-b8bf-4e5e-80a1-f874d429193b
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=d9baeb63-b8bf-4e5e-80a1-f874d429193b
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=d9baeb63-b8bf-4e5e-80a1-f874d429193b
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=d9baeb63-b8bf-4e5e-80a1-f874d429193b
date
Fri, 10 Sep 2021 12:54:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=OPTOUT
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=OPTOUT
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:00 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
auto-user-sync
ads.stickyadstv.com/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:00 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1631278440220059-560
Expires
Fri, 10 Sep 2021 12:54:00 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame B3B5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278440.cds142.fr8.hn,1631278440.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame F5CC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=29961334&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
f3fafca59b5a72fc80705bde3833c0f0b3a77d7bd0d30bc9d8f36a05fc0815cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1352
usync.html
ad.lkqd.net/cookie-sync/ Frame 9D25 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278440.cds142.fr8.hn,1631278440.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 681B 		180 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148643&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=79861262&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
1
mc.yandex.com/watch/48953915/
Redirect Chain
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A843%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A843%3Afu%3A0%3Aen%3Autf...
383 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A843%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A604330922601%3Ahid%3A668703111%3Az%3A0%3Ai%3A202109010125400%3Aet%3A1631278440%3Ac%3A1%3Arn%3A750739641%3Arqn%3A1%3Au%3A1631278440708263106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631278439185%3Ads%3A8%2C311%2C184%2C95%2C0%2C0%2C%2C162%2C126%2C%2C%2C%2C675%3Adsn%3A7%2C311%2C185%2C94%2C%2C0%2C%2C77%2C127%2C%2C%2C%2C675%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631278440%3At%3Alawsonspencer198%20%28%40cactussupply519%29%20%E2%80%93%20Frag%20mich%20alles%20%7C%20ASKfm
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6bc8c146f3da715000ddeb953d7a5282de42d25de607c6c18322cb6e09b54a73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:00 GMT
x-content-type-options
nosniff
last-modified
Fri, 10-Sep-2021 12:54:00 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
383
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:00 GMT
last-modified
Fri, 10-Sep-2021 12:54:00 GMT
location
/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A843%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A604330922601%3Ahid%3A668703111%3Az%3A0%3Ai%3A202109010125400%3Aet%3A1631278440%3Ac%3A1%3Arn%3A750739641%3Arqn%3A1%3Au%3A1631278440708263106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631278439185%3Ads%3A8%2C311%2C184%2C95%2C0%2C0%2C%2C162%2C126%2C%2C%2C%2C675%3Adsn%3A7%2C311%2C185%2C94%2C%2C0%2C%2C77%2C127%2C%2C%2C%2C675%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631278440%3At%3Alawsonspencer198%20%28%40cactussupply519%29%20%E2%80%93%20Frag%20mich%20alles%20%7C%20ASKfm
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:00 GMT
cs
cs.lkqd.net/ Frame B3B5 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B3B5 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B3B5 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B3B5 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame B3B5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3630766151571695329
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3630766151571695329
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3630766151571695329
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 9D25 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9D25 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9D25 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9D25 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9D25
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cookie set conversion
ask.fm/signup/ 		12 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ask.fm/signup/conversion
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.144 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
65a2eb9deba177f53298f62274f596b2696bd46efaa57c3e2773a6b050d3001d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
locale=de; uuid=6783b323-c38d-42eb-8edb-4cb5e3136798; country=DE; traffic_source=organic; _m_ask_fm_session=REYyaVBHYWxMeklOck92Y0FaRVQ2RTArdnhKQlFMUmZSUzd5RjJ1ZVczRFdzbHNrSTlUOTJPSXZvUVJoRmprakp1UFQ4Z0l2d014emhodUlWemZzVDVWRXBPNmExbzQrVDA5WXl0aHhZVWpIRzdoeTJ0SUFsN044MlQySkNqNU4wYWlwRlNBai9zOWI4NkdkNnZSUXBzVWxwcEtQUG1PRjd5Y3VoZWpNWkJka08xaVBzQTMvNEFha0d4ZklUaUppdExmSjdIejZ2OU5Zek5pU0NBclRMYUlJRUIvWEhQR0dpaXlZbUhRUjdvSDFTNnY1N2hzWENtcDhnWS82aDZtQi0tWG01RGhrT3NHSHpNV1dvb1llRlo0dz09--ae9902298a4913424ec540101a4a8fba2c8c0b66; _ym_uid=1631278440708263106; _ym_d=1631278440; _ym_isad=2; _ym_visorc=w
Connection
keep-alive
Referer
https://ask.fm/cactussupply519
Accept
*/*
Referer
https://ask.fm/cactussupply519
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:00 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
ETag
W/"65a2eb9deba177f53298f62274f596b2"
Strict-Transport-Security
max-age=63072000
Content-Type
text/html; charset=utf-8
Status
200 OK
Cache-Control
max-age=0, private, must-revalidate
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Sat, 10 Sep 2022 18:54:00 GMT tutm=utm_medium%3Dconversion_desktop_default_51; path=/; expires=Sun, 12 Sep 2021 12:54:00 GMT _m_ask_fm_session=RUJuWjdtSHhJd3dwZ1N1Ynowcm04QXRuNi9sZ3NhcmpIOER4RDRYQXlMUFE1RlJFVWw1YWRoVnBvS0pzR1VlQ0h2RzhTTHZGZ0ZxTHVNbzc0VGxqM0pUaUl3cUFmQ1p1MmgycWJ0VktEajF0QWNtZjdPeDZCampSdUcxcW9OTkNmQ2svU3FCYUI2QWtoeXVZektGckRYZXpxY0pYVGFuMXpra0tQMTNOU0svZGZPbktBeW9IY0xqTWpwNU1DUVdWKzJybm1zKzkwVVZRclZvUm1taXFYSjE0VTFEMmM4NE1CK2JjVnBGN01oUFF3VCtuUTNJdGtnaHRTQVM3enZGeG1mT3BRVkxjOEJ1QUtEeHhvWDg1VEhkVlczY0RvaXJJYkU0RVEyT1NEUFE9LS1EYUxIVXYxQmJYZXJzQTBDaElIUlpBPT0%3D--463ddab689caee7632c70b49b23a7944fb516893; path=/; expires=Mon, 13 Sep 2021 12:54:00 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:00 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame C19B 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:00 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 6216 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame C9C1 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631278440.cds142.fr8.hn,1631278440.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame 992A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278440.cds142.fr8.hn,1631278440.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame C9C1 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=29961334&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
509070ee93b08f5ec7865ee339406bd8174c8fd99d022816ca3e402efda3af69

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3547
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=29961334&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:00 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
button_app_store-cbd50412509422bdbecfa1b2f80923e3b79a606703872987e0fccc799149fa42.png
d3r6ceqp4shltl.cloudfront.net/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/button_app_store-cbd50412509422bdbecfa1b2f80923e3b79a606703872987e0fccc799149fa42.png
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:07 GMT
via
1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront)
age
1193
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
2309
last-modified
Fri, 10 Sep 2021 12:31:22 GMT
server
Ask.FM Web Service
etag
"613b501a-905"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
lyEs61qPRG8lZDLJeWceiCPnu-aYgxTyvAcoMgYRaA-SsojqQxAxyQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
button_google_play-7ef94c0c000629f732025bf9fdc7893a4903f6d878a56bb7ca9301b88d421202.png
d3r6ceqp4shltl.cloudfront.net/assets/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/button_google_play-7ef94c0c000629f732025bf9fdc7893a4903f6d878a56bb7ca9301b88d421202.png
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:22 GMT
via
1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront)
age
1178
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
3404
last-modified
Fri, 10 Sep 2021 12:31:28 GMT
server
Ask.FM Web Service
etag
"613b5020-d4c"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
f0-hmOujJZO8pAjVhLE8nQa4mQkzFCzU2vf_lVQyKf-aqWhCXtDikw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cs
cs.lkqd.net/ Frame 992A 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 992A 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 992A 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 992A 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 992A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 62AD 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:00 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
69e3258adb0cfbaf3d21dad95123c507ee6e454fdfbff855c638f98580278976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
cTW2b5sfRtz74OY7L3ElCA==
cross-origin-resource-policy
cross-origin
expires
Fri, 10 Sep 2021 13:09:38 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
6D/RhtX4+pJogWkFZvePP/7qcsK+UWywnPk81EI+ghVCRujxtiOzRb5/xX4JtpLcdH/im9MsnPjWTELRgXDC+g==
x-fb-trip-id
2050670934
x-fb-content-md5
132ac20bcd82f3cf216a81ff792856e3
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 10 Sep 2021 12:54:00 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"491068fe18f1b68c941ad1aab7c3085f"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
gtm.js
www.googletagmanager.com/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0165ea38eefd4aa76c3a73da6883fd35da178df94d52018b34ecb1ccb068b74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36474
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 12:54:00 GMT
3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
cmp.optad360.io/items/ 		2 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2400:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:28:21 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 09:49:58 GMT
server
AmazonS3
age
1540
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
2
x-amz-cf-id
CwNeXKADoJDv0YYsWsbvHE17Ec_BaiAZcF2q4IwukY6SfGSh_33qYw==
plugin.min.js
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 		275 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ce00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f241f634c67fb384bc28e2ad5bd96f4879ff34bc1e8865bb6f2393125c5ef70f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:30:32 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 16:12:10 GMT
server
AmazonS3
age
1409
etag
W/"f218ca27c0278f5ff55a841b20817a44"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Dw3fKqunbH6-pHby-WFqiwroHfEH4F2SFk83tE2z_G41suD4KU6K6w==
html.js
viadata.store/slider/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viadata.store/slider/html.js?sid=102415
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-5886a07fe08429a9a8f3c3ecc69f3c8a139a1bb50ed619f7465c053e2d7bdce7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
059df98f659fccbde359c1692d736de0f72743f2078c710f1e29ad44be7680d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
v2cdeVRw99jMQTR3-Dv2rhfaOjweGqgymoP1ftUYQdaPwqJklJ887WF1MsdtZNp6MBuWQx33RYQLoIVAL_w
colossalcoat.com/ 		216 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2cdeVRw99jMQTR3-Dv2rhfaOjweGqgymoP1ftUYQdaPwqJklJ887WF1MsdtZNp6MBuWQx33RYQLoIVAL_w
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
781883b06058dc10a84cffc8c3277564d84dab240543b26c410ebaf6c03c3307
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 10 Sep 2021 12:54:00 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
0f8346e1
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Fri, 10 Sep 2021 12:53:59 GMT
sdk.js
connect.facebook.net/en_US/ 		222 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=10a63a764e51dd09efc76aae5c81bb9c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e56feedb34afeedfeddc229f65dd7216d5ec9abd08f278d648668f79c890485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
wVNlA22oxHXfc6ssVf+22Q==
cross-origin-resource-policy
cross-origin
expires
Sat, 10 Sep 2022 11:45:38 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66827
x-fb-rlafr
0
x-fb-debug
eI72AB2Kg2Lq/HkWdzB5x4WGAYNyJ5g+zRhHekUveTG9NeswwhzHZY1J77N4wRFRncacwRCkhVDf7vHZ3EXEJQ==
x-fb-trip-id
2050670934
x-fb-content-md5
e5e56a47240253d22d5551d776a5704f
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 10 Sep 2021 12:54:01 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"fbbdd07969ed1b6b9dd03d5f5f8fbf55"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
v2lypKin5MLX3iQGcVVxSm7v_IlkCdJld_TGefjjwjbEVVlcDs2Wh-5R4Thlgj4x0jzaiqy_-z-7dYXOPzw
colossalcoat.com/ 		3 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2lypKin5MLX3iQGcVVxSm7v_IlkCdJld_TGefjjwjbEVVlcDs2Wh-5R4Thlgj4x0jzaiqy_-z-7dYXOPzw
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 10 Sep 2021 12:54:01 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
x-hostname
0f8346e1
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
424
date
Fri, 10 Sep 2021 12:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 14:46:57 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fcactussupply519&rl=&if=false&ts=1631278441122&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 10 Sep 2021 12:54:01 GMT
collect
www.google-analytics.com/j/ 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2139939902&t=pageview&_s=1&dl=https%3A%2F%2Fask.fm%2Fcactussupply519&ul=en-us&de=UTF-8&dt=lawsonspencer198%20(%40cactussupply519)%20%E2%80%93%20Frag%20mich%20alles%20%7C%20ASKfm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=916816006&gjid=19483792&cid=1644553059.1631278441&tid=UA-12308109-15&_gid=33768156.1631278441&_r=1&gtm=2wg910NDJVZHZ&z=2119966407
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
hls.js
cdn.viadata.store/static/js/ 		235 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/static/js/hls.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 14:39:05 GMT
server
nginx
etag
W/"5ffdb489-3ab3e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
EU
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
code.js
viadata.store/tag/ 		30 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viadata.store/tag/code.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
public
content-type
application/javascript
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
expires
Sat, 11 Sep 2021 12:54:01 GMT
site
logs.viadata.store/req/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/req/site?sid=102415&cid=0&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&event=playerLoaded&cb=1631278441168
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 12:54:01 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
vpaid_44854a27.js
vpaid.springserve.com/production/ Frame 805C 		487 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_44854a27.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:01:09 GMT
content-encoding
br
last-modified
Wed, 25 Aug 2021 15:00:31 GMT
server
AmazonS3
age
1374773
etag
W/"d48d9d8b9aa42be3c59a03030903498a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YnOI7MGzqRGjZH0KfSWlRBFarPVLw7yCAi1WCge34nisPWMLPAN1QQ==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
prebid4.39.0.js
get.optad360.io/sf/ 		492 KB
493 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid4.39.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ce00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 14:13:08 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 10:44:35 GMT
server
AmazonS3
age
3537654
etag
"e020700f5effdce1f4be56434553da72"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
503605
x-amz-cf-id
-ttkPnp5hIYHwSU2adaYNWFWC1X4B_OtVesAlUZAcDc2LIYX8_QusA==
210830.js
cdn.viadata.store/js/player/ Frame FA40 		180 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/js/player/210830.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a8d9b7d4230d33c693d11ebca3f0a5caaa527ba7718cf6fc761dd14b595bb84c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
last-modified
Fri, 03 Sep 2021 13:15:02 GMT
server
nginx
etag
W/"61321fd6-2cf94"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
EU
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1719
date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210910
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f217209876e61d74a3304e84b36ac1fe67d5c617bb325bc97f3979c883eb4d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
34017
x-jsd-version
1.0.1095
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
952
etag
W/"6a2-ksr0kWxxQtAsEj12/+/ZDGZX6uc"
x-served-by
cache-fra19175-FRA
x-jsd-version-type
version
date
Fri, 10 Sep 2021 12:54:01 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Sep 2021 12:35:55 GMT
server
cloudflare
age
87468
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
68c8cd72187616f2-FRA
x-amz-request-id
TD3DS9YZ8440AKDY
x-amz-id-2
M2Q7mY6rdpzXw/sL0fa+n0BFIJ9kCQCZ5Pu3Nfv1fXbLplIOJnLEBWCmKKKxSvug0l8dkcZHDP0=
expires
Fri, 10 Sep 2021 13:24:01 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pc4cWHxqTkFnc05lcXhwTHdqbzJTMW5RendFWWw2STJXQ1ZZbVByMFkxRHI5ejQ3L0tsNmlkZUM2V3h0T25uNjJhTUdEVTIzNjZTM3B5STI1dW1vemt3V3JIS2o5NHJaOCtweXBnZFh1YmQwcDVPZGxUbFU5dklMREtiUV...
326 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pc4cWHxqTkFnc05lcXhwTHdqbzJTMW5RendFWWw2STJXQ1ZZbVByMFkxRHI5ejQ3L0tsNmlkZUM2V3h0T25uNjJhTUdEVTIzNjZTM3B5STI1dW1vemt3V3JIS2o5NHJaOCtweXBnZFh1YmQwcDVPZGxUbFU5dklMREtiUVZBYXFSdEpnbWdwWVk1VzhNOHBWYWdOOFdGaUIzcGlmU3JORVhFTkxNWjBjUDR1RlVQUVR6WnZPS1ZlVmg0N2hKbmtwUVZva3hocmkyM3hXNVJtSitmNDZzNWJYMFdFZnhYUXZLSEFxZFlTSzIwczNtNFpVPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c536d9de2223f68dd48610fe844fed3a35e19fb8a3a9ca312d3501ba8d025feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 10 Sep 2021 12:54:01 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2457
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 10 Sep 2021 12:54:00 GMT
location
https://mug.criteo.com/sid?cpp=pc4cWHxqTkFnc05lcXhwTHdqbzJTMW5RendFWWw2STJXQ1ZZbVByMFkxRHI5ejQ3L0tsNmlkZUM2V3h0T25uNjJhTUdEVTIzNjZTM3B5STI1dW1vemt3V3JIS2o5NHJaOCtweXBnZFh1YmQwcDVPZGxUbFU5dklMREtiUVZBYXFSdEpnbWdwWVk1VzhNOHBWYWdOOFdGaUIzcGlmU3JORVhFTkxNWjBjUDR1RlVQUVR6WnZPS1ZlVmg0N2hKbmtwUVZva3hocmkyM3hXNVJtSitmNDZzNWJYMFdFZnhYUXZLSEFxZFlTSzIwczNtNFpVPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2025
content-length
482
expires
0
cygnus
htlb.casalemedia.com/ 		24 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221212c216493764%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fcactussupply519%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220b683181b4d5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2220b683181b4d5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2220b683181b4d5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1b727c752b1f059280279c183d00428626d0f54d3a26890ce09d4b1694cd264c

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.75], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ask.fm
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Fri, 10 Sep 2021 12:54:01 GMT
/
adx.adform.net/adx/ 		5 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTdhNjNjZjc4LTY5NDItNDEyMC1hNWQ1LWQ2MjZmZmVmMTdmOSZyY3VyPVBMTg%3D%3D&pt=gross&stid=aec6f73c-0b47-42f0-8286-70b0d78e8441&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
v1
prg.smartadserver.com/prebid/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d4ff888b43d9e7a2a2ef1c2ce7a973090ca8d7351579d0286cb0562e53fb916c

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b23%3b100
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
apacdex
useast.quantumdex.io/auction/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
cf-ray
68c8cd723dd4176e-FRA
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ask.fm
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
423c811d794e62d7a6aa757c2506f2bc6a35a4184c72729748f99c5376198a89
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
434706fd-c1dc-48fa-b88a-39bb12275b27
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		0
0
c
prebid.a-mo.net/a/ 		861 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
11d971a0a1debeac970a107b8a5eb5b2825be3e9d5a3aec247ad793431021570

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
109
content-length
355
prebid
ib.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f7cb20644decb7967fa72d80cabc2106453cfe6b816be9669daf62055d7e7794
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c99e302b-e8b3-4932-a8bb-fd6cdc793fd5
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
87459
x-amz-request-id
4EJZWQSPYJN0KPZG
x-amz-id-2
YC9klwmqqfwQDVFSMHtow4Ja5sHZlojW2QWsGiGTWvJc04JtRiK3mdot7Og40EhxdWPEzb01nLQ=
last-modified
Thu, 09 Sep 2021 12:35:54 GMT
server
cloudflare
etag
W/"80a6d470c029b1acfca7d8abeb00b240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
68c8cd7258f64a68-FRA
expires
Fri, 10 Sep 2021 13:24:01 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 805C 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.100.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-100-70.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 805C 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4c33b33cdeacf996983db545e89f5f538054ceb4d79fd6146de71617499531ac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:01 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
551bbe8c-8991-4193-9bef-b7ea60254723
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 62AD 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:01 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pc4cWHxqTkFnc05lcXhwTHdqbzJTMW5RendFWWw2STJXQ1ZZbVByMFkxRHI5ejQ3L0tsNmlkZUM2V3h0T25uNjJhTUdEVTIzNjZTM3B5STI1dW1vemt3V3JIS2o5NHJaOCtweXBnZFh1YmQwcDVPZGxUbFU5dklMREtiUVZBYXFSdEpnbWdwWVk1VzhNOHBWYWdOOFdGaUIzcGlmU3JORVhFTkxNWjBjUDR1RlVQUVR6WnZPS1ZlVmg0N2hKbmtwUVZva3hocmkyM3hXNVJtSitmNDZzNWJYMFdFZnhYUXZLSEFxZFlTSzIwczNtNFpVPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1199
date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
vary
Accept-Encoding
collect
stats.g.doubleclick.net/j/ 		1 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-12308109-15&cid=1644553059.1631278441&jid=916816006&gjid=19483792&_gid=33768156.1631278441&_u=YEBAAEAAAAAAAC~&z=1477134302
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 10 Sep 2021 12:54:01 GMT
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
promo.m3u8
cdn.viadata.store/media/ 		413 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/media/promo.m3u8
Requested by
Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
78311911d14b21b090d929eaf97df372e3bf1c3d94109a39d017acb54e478265

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
last-modified
Wed, 13 Jan 2021 10:13:55 GMT
server
nginx
etag
"5ffec7e3-19d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
EU
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
413
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
viads-player-logo-50.png
cdn.viadata.store/static/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viadata.store/static/viads-player-logo-50.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
last-modified
Wed, 26 Feb 2020 10:23:58 GMT
server
nginx
etag
"5e56473e-26d1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
EU
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
9937
/
pl.viadata.store/export/102415/ Frame FA40 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pl.viadata.store/export/102415/?secured=1&language=en&page_url=https%3A%2F%2Fask.fm%2Fcactussupply519&pub_sid=102415&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=ask.fm&trackdomain=logs.viadata.store&VIA_DADPOS=1&avtoken=441511&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=1&cb=1631278441565
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
d2b26ee086bef66c17fd068e44724bc22acfb82466cb4071b8b1faa0939e4f14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
br
server
nginx/1.19.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
access-control-allow-headers
sentry-trace
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 805C 		965 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278441107,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a44920e93409809816128ce5f7e1fe98a32144f7b335389730192bb2f42c4233

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
593
expires
Fri, 10 Sep 2021 12:54:01 GMT
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame C712 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e064 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
96bf34be96152a1e9b30121f463904332e2ee264399170c25749b5ba8a562443

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Sep 2021 13:05:57 GMT
Server
AkamaiNetStorage
ETag
"88d30f421fe92800cd38b52870556b28:1631106480.782098"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10406
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 23D8 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278441107,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
bid
clientside-video-bidder.rutarget.ru/ Frame FA40 		27 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Fask.fm%2Fcactussupply519&request_id=1278441729&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr5.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin
https://ask.fm
Rutarget-SameSite-Cookie
true
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
cs
rtb-msk-2.viadata.store/vast/ Frame FA40 		71 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-msk-2.viadata.store/vast/cs?zone=102415&w=432&h=243&site=https%3A%2F%2Fask.fm%2Fcactussupply519&vp=2&cbb=1278441733
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
rle.cgi
ad.adriver.ru/cgi-bin/ Frame FA40 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222536&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=1278441735&tail256=https%3A%2F%2Fask.fm%2F
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
37858626df4b108f6213cd262455bc11fbf68be16dfff8cd1832e7f8e342d361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:01 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://ask.fm
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/vast/ Frame FA40 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=ask.fm&cbb=1278441735
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
6dc1b3097165b12adf713a2382ddfffd7dfb8578967c542f139adf05b2caab2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
vast
moevideo.biz/ Frame FA40 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/vast?ref=viads-ask.fm&impressionAfterPaid=1&es=1&vl=1&mvis=1&referrer=https%3A%2F%2Fask.fm%2Fcactussupply519&cbb=1278441735
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
f8dff73ef2b801a62e76e263b475f587f925897c48a178d7a6f7516e840247ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Content-Encoding
gzip
X-Mv-Embed-Version
1373
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.095
Pragma
no-cache
Last-Modified
Fri, 10 Sep 2021 12:54:01 GMT
Server
nginx
X-My-Name
s41
Access-Control-Allow-Methods
GET, POST
Content-Type
application/xml
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
X-Mv-TryCache
0
X-My-App-Time
0.002
Access-Control-Allow-Headers
Content-Type, Accept
Expires
Thu, 19 Feb 1998 13:24:18 GMT
viads-vast
adx.com.ru/ Frame FA40
Redirect Chain
  • https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fask.fm%2Fcactussupply519&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&cbb=1278441736
  • https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Fcactussupply519&rolltype=content-roll&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&vpaid=false
0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Fcactussupply519&rolltype=content-roll&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&vpaid=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.134.131.34.188.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
server
nginx/1.18.0
p3p
CP="adx.com.ru does not have a P3P policy"

Redirect headers

date
Fri, 10 Sep 2021 12:54:01 GMT
server
nginx/1.18.0
access-control-allow-origin
https://ask.fm
p3p
CP="adx.com.ru does not have a P3P policy"
location
/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Fcactussupply519&rolltype=content-roll&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&vpaid=false
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
content-length
242
ad_request
ads.aralego.com/ Frame FA40 		0
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=ask.fm&ver=UCX_WEB-20200113&adid=ad-8A29B9A43D442E8EFEE379B36E7ED89&atype=2&u=https%3A%2F%2Fask.fm%2Fcactussupply519&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=1278441736
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
X-Width
432
X-Height
243
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://ask.fm
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-Adtype
vast
Connection
close
i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame FA40
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=47a31a07-2c26-495d-9ada-39ecbe8d680e&i=1631278441
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=47a31a07-2c26-495d-9ada-39ecbe8d680e&i=1631278441
49 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=47a31a07-2c26-495d-9ada-39ecbe8d680e&i=1631278441
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
81
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Fri, 10 Sep 2021 12:54:06 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=47a31a07-2c26-495d-9ada-39ecbe8d680e&i=1631278441
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
cookie
cm.adform.net/ Frame FA40 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
server
nginx
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame FA40
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&__user_check__=1&sync_id=2c087c05-1236-11ec-93d6-1bf9ad920106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=273596&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&__user_check__=1&sync_id=2c087c05-1236-11ec-93d6-1bf9ad920106
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
93
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Server
nginx
Location
/partner?adv_id=273596&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&__user_check__=1&sync_id=2c087c05-1236-11ec-93d6-1bf9ad920106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
138
Connection
keep-alive
Content-Length
0
dsp
logs.viadata.store/event/ Frame FA40 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1631278441736&tids=2107,2110,2106,2552,4760,2111,2555,2109,7323,7378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 12:54:01 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame C98E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278441107,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=21379
expires
Fri, 10 Sep 2021 18:50:20 GMT
date
Fri, 10 Sep 2021 12:54:01 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 23D8 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278441107,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=21379
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 10 Sep 2021 18:50:20 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C98E 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33369603&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
199e6b89809978f2e45e44b4b7f75d72f422a36d3a1afd156e159b586659ca92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 518E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:01 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8371811613162394005; expires=Tue, 09 Nov 2021 12:54:01 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 10 Sep 2021 12:54:01 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sun, 10 Oct 2021 12:54:01 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 1BB0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5682155580754221045
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5682155580754221045
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5682155580754221045
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1631836800%3A223_2_15%7C1632528000%3A35%7C1633824000%3A203%7C1632096000%3A63%7C1632441600%3A54_81_189_7_165_230_88_161_22_231_220_3_166_176_21_8_204_222_55_13_56_71_234_99; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; PugT=1631278441; KRTBCOOKIE_188=3189-no-consent
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5682155580754221045; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 12:54:00 GMT; path=/ PugT=1631278440; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 12:54:00 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:00 GMT; path=/
x-lat
amspug016:0:286
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5682155580754221045
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 17A2 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 10 Sep 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1248
x-powered-by
ASP.NET
date
Fri, 10 Sep 2021 12:54:01 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 2052
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006287554795206796
42 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006287554795206796
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006287554795206796
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1631836800%3A223_2_15%7C1632528000%3A35%7C1633824000%3A203%7C1632096000%3A63%7C1632441600%3A54_81_189_7_165_230_88_161_22_231_220_3_166_176_21_8_204_222_55_13_56_71_234_99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7006287554795206796; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 12:54:00 GMT; path=/ PugT=1631278440; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 12:54:00 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:00 GMT; path=/
x-lat
amspug006:0:380
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:01 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7006287554795206796; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006287554795206796
adx
match.prod.bidr.io/cookie-sync/ Frame 91DC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBTnVFN0NkcXNBQUhqYXVTbWtyQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.67.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-67-233.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Cookie
bito=AAANuE7CdqsAAHjauSmkrA; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Fri, 10 Sep 2021 12:54:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Fri, 10 Sep 2021 12:54:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame C344
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1631836800%3A223_2_15%7C1632528000%3A35%7C1633824000%3A203%7C1632096000%3A63%7C1632441600%3A54_81_189_7_165_230_88_161_22_231_220_3_166_176_21_8_204_222_55_13_56_71_234_99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:00 GMT
content-type
text/html; charset=utf-8
x-lat
amspug004:2:397
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=dff90ddb-ce60-45eb-a7ba-3097381bf6ea; path=/; domain=csync.loopme.me; Expires=Sun, 10-Oct-2021 12:54:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Fri, 10 Sep 2021 12:54:01 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 7A2E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1631836800%3A223_2_15%7C1632528000%3A35%7C1633824000%3A203%7C1632096000%3A63%7C1632441600%3A54_81_189_7_165_230_88_161_22_231_220_3_166_176_21_8_204_222_55_13_56_71_234_99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:01 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:01 GMT; path=/ PugT=1631278441; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 12:54:01 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:01 GMT; path=/
x-lat
amspug019:0:446
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 10 Sep 2021 12:54:01 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
etag
OPTOUT
bridge
cm.adgrx.com/ Frame 6146 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame 2126
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lVmvfVRNQgYj0aC6bZu6XdXG
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lVmvfVRNQgYj0aC6bZu6XdXG
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lVmvfVRNQgYj0aC6bZu6XdXG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1631836800%3A223_2_15%7C1632528000%3A35%7C1633824000%3A203%7C1632096000%3A63%7C1632441600%3A54_81_189_7_165_230_88_161_22_231_220_3_166_176_21_8_204_222_55_13_56_71_234_99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 12:54:00 GMT; path=/ PugT=1631278440; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 12:54:00 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:00 GMT; path=/
x-lat
amspug005:0:374
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 10 Sep 2021 12:54:01 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=lVmvfVRNQgYj0aC6bZu6XdXG; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=lVmvfVRNQgYj0aC6bZu6XdXG
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 1920 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c8cd766bbe5b6e-FRA
i.match
s.tribalfusion.com/z/ Frame EA22
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=apnoeURkP6M6eCnq8odss72rU9NqqoLHTIiKsEYw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aRns6EPME7fQmKvCiHhfT3HoYv3msX4oTNYbf2UdEtmW371WM4wxstWwZabn7hNBWW4jq7DBl3A7F3kZadxE9k; path=/; domain=.tribalfusion.com; expires=Thu, 09-Dec-2021 12:54:02 GMT; SameSite=None; Secure; ANON_ID_old=aRns6EPME7fQmKvCiHhfT3HoYv3msX4oTNYbf2UdEtmW371WM4wxstWwZabn7hNBWW4jq7DBl3A7F3kZadxE9k; path=/; domain=.tribalfusion.com; expires=Thu, 09-Dec-2021 12:54:02 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c8cd77bc765b3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
94
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=apnoeURkP6M6eCnq8odss72rU9NqqoLHTIiKsEYw; path=/; domain=.tribalfusion.com; expires=Thu, 09-Dec-2021 12:54:02 GMT; SameSite=None; Secure; ANON_ID_old=apnoeURkP6M6eCnq8odss72rU9NqqoLHTIiKsEYw; path=/; domain=.tribalfusion.com; expires=Thu, 09-Dec-2021 12:54:02 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c8cd7669bd5b3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
trc.taboola.com/sg/pubmatic-ssp-network/1/ Frame AE74 		0
0
141
match.deepintent.com/usersync/ Frame CBC0 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C98E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zBRviqLfQZW0tdhAA6aX1A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=33796
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Fri, 10 Sep 2021 22:17:18 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dd5613b-5569-4400-ac7a-833d3c1373c2
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dd5613b-5569-4400-ac7a-833d3c1373c2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dd5613b-5569-4400-ac7a-833d3c1373c2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 10 Sep 2021 12:54:00 GMT
/
pixel.onaudience.com/ Frame C98E
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CC146F8A-A2DF-4195-B4B5-D84003A697D4
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=661c39e90b0106cb1eccd656ed47cb80
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=661c39e90b0106cb1eccd656ed47cb80
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-1.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Fri, 10 Sep 2021 12:54:02 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=661c39e90b0106cb1eccd656ed47cb80
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0MxNDZGOEEtQTJERi00MTk1LUI0QjUtRDg0MDAzQTY5N0Q0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:378
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO51ZGjfYrPEJbupjfhZHSg&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO51ZGjfYrPEJbupjfhZHSg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:539
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO51ZGjfYrPEJbupjfhZHSg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C98E 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 09 Sep 2021 12:54:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7339593317579984733
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7339593317579984733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:462
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7339593317579984733
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:981f613b-5569-4400-b0a4-0801701c12bf&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:981f613b-5569-4400-b0a4-0801701c12bf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:368
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:981f613b-5569-4400-b0a4-0801701c12bf&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 10 Sep 2021 12:54:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41ea13fe-0ad5-4532-a924-7a4ded1cc58a
42 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41ea13fe-0ad5-4532-a924-7a4ded1cc58a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:409
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41ea13fe-0ad5-4532-a924-7a4ded1cc58a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=79558216986088634&gdpr=0&gdpr_consent=
42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=79558216986088634&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:389
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:01 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
26a5aaa1-43f2-43a0-b20a-6c40957e18e0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=79558216986088634&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Gzp.DJ1E2uUiGoQ4jZfzdP5LC13jFzk-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Gzp.DJ1E2uUiGoQ4jZfzdP5LC13jFzk-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Gzp.DJ1E2uUiGoQ4jZfzdP5LC13jFzk-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
CC146F8A-A2DF-4195-B4B5-D84003A697D4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C98E 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CC146F8A-A2DF-4195-B4B5-D84003A697D4?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2
42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:443
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d9baeb63-b8bf-4e5e-80a1-f874d429193b
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d9baeb63-b8bf-4e5e-80a1-f874d429193b
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=236f4cbe-0aaa-42c8-a3f5-8abcc8e2c2fe&user_group=1&ssp=pubmatic&bsw_param=d9baeb63-b8bf-4e5e-80a1-f874d429193b
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d9baeb63-b8bf-4e5e-80a1-f874d429193b&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d9baeb63-b8bf-4e5e-80a1-f874d429193b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:427
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d9baeb63-b8bf-4e5e-80a1-f874d429193b&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 10 Sep 2021 12:54:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTtVagAAAmZurQA6&gdpr=0&gdpr_consent=&_test=YTtVagAAAmZurQA6
1 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTtVagAAAmZurQA6&gdpr=0&gdpr_consent=&_test=YTtVagAAAmZurQA6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:508
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631278442.185491,VS0,VE0
x-served-by
cache-fra19147-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTtVagAAAmZurQA6&gdpr=0&gdpr_consent=&_test=YTtVagAAAmZurQA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7665991417695659745&gdpr=0&gdpr_consent=&us_privacy=
1 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7665991417695659745&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:53:59 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:426
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7665991417695659745&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame C98E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:444
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5fd069ab-2ce8-43cf-ba14-78fb7c6cedfe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5fd069ab-2ce8-43cf-ba14-78fb7c6cedfe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:371
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5fd069ab-2ce8-43cf-ba14-78fb7c6cedfe&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 10 Sep 2021 12:54:02 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=79558216986088634
42 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=79558216986088634
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:386
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:02 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fe5041de-6db6-42f4-af94-50d656516ecd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=79558216986088634
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C98E
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_11738dd5-e334-48db-acfc-6d0d273aa84d
42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_11738dd5-e334-48db-acfc-6d0d273aa84d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:417
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_11738dd5-e334-48db-acfc-6d0d273aa84d
date
Fri, 10 Sep 2021 12:54:02 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
de-DE
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 258D 		531 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22460599969362581564%22%2c%22adomain%22%3a%22betway.de%22%2c%22page%22%3a%221438277%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%22409_19638%22%2c%22dsp%22%3a%2231%22%2c%22buyer%22%3a%22137327%22%2c%22cid%22%3a%221347%22%2c%22adid%22%3a%22409_19638%22%2c%22hash%22%3a%224099429373733943189%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e039 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Host
apps.sascdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
Content-Length
531
Date
Fri, 10 Sep 2021 12:54:02 GMT
Connection
keep-alive
Cookie set /
eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_... Frame 6C43
Redirect Chain
  • https://eu.sportradarserving.com/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6...
  • https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOig...
13 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.4.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-4-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
128927f59836c27c5027834ede82532c33ae2ab29870b536d72594c722c0ab1c

Request headers

Host
eu.sportradarserving.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
zuuid=365aa3fc-bdd0-4286-a8dd-fb9f6e3f9fee; c=1631278442; zuuid_lu=1631278442
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Sep 2021 12:54:02 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
zuuid=365aa3fc-bdd0-4286-a8dd-fb9f6e3f9fee; path=/; expires=Sat, 10-Sep-2022 12:54:02 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1631278442; path=/; expires=Sat, 10-Sep-2022 12:54:02 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k=1; path=/; expires=Sat, 10-Sep-2022 12:54:02 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k_lu=1631278442; path=/; expires=Sat, 10-Sep-2022 12:54:02 GMT; domain=sportradarserving.com; samesite=none; secure pvc2=fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN,iRFxMMc6WnFCJdw8MWRx4Q,i50n-DHBtSCOzsvQxsKTkA,WPmWukykxPIP5dHUIZplhg,i50n-DHBtSCOzsvQxsKTkA,kvHnb6J8Cc4FRKr7knZHXg,i50n-DHBtSCOzsvQxsKTkA,U6jq-n_6rENBinJDVjKfvw,i50n-DHBtSCOzsvQxsKTkA,MNjmGSind2a1B1A5UtXktg,i50n-DHBtSCOzsvQxsKTkA,ojE4Xe9--p0e6jWuZ3FXug,i50n-DHBtSCOzsvQxsKTkA,GC2YtHodDZYicqOLK8mnyQ,i50n-DHBtSCOzsvQxsKTkA,pEAUKGC6nhT7wCnM4wpMfQ,i50n-DHBtSCOzsvQxsKTkA; path=/; expires=Sat, 10-Sep-2022 12:54:02 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length
4879
Connection
keep-alive

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Date
Fri, 10 Sep 2021 12:54:02 GMT
Location
https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
zuuid=365aa3fc-bdd0-4286-a8dd-fb9f6e3f9fee; path=/; expires=Sat, 10-Sep-2022 12:54:02 GMT; domain=sportradarserving.com; samesite=none; secure c=1631278442; path=/; expires=Sat, 10-Sep-2022 12:54:02 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1631278442; path=/; expires=Sat, 10-Sep-2022 12:54:02 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length
0
Connection
keep-alive
aip
itx4.smartadserver.com/h/ Frame ED57 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itx4.smartadserver.com/h/aip?uii=460599969362602883&tmstp=6146143137&ckid=7913875953512040140&pubid=23&systgt=%24qc%3d1313506140%3b%24ql%3dUnknown%3b%24qpc%3d76726%3b%24qt%3d25_1767_24818t%3b%24dma%3d0%3b%24b%3d16890%3b%24o%3d11100&acd=1631278441335&envtype=0&opid=1afba946-e41e-466d-a03c-549a8af918f5&opdt=1631278441335&siteid=259837&tgt=%24dt%3d1t&gdpr=0&visit=S&statid=3&imptype=0&pgDomain=https%3a%2f%2fask.fm%2fcactussupply519&cappid=7913875953512040140&capp=1&mcrdbt=1&insid=10104881&imgid=0&pgid=1438277&fmtid=89189&isLazy=0&rtb=1&rtbnid=2079&rtbbid=460599969362581564&rtbh=b07bfcb32615cdaa86242cf6db1146427876c4e0&rtblt=637668752413389672&rtbet=0&rtbptnid=31&cftgid=d878bfc715be
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame ED57
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=smartadserver&dsp_id=409&imp=1
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=daee4435-3cac-4044-90f3-a4ff574d6235&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=d9baeb63-b8bf-4e5e-80a1-f874d429193b&gdpr=&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=d9baeb63-b8bf-4e5e-80a1-f874d429193b&gdpr=&gdpr_consent=
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:07 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=d9baeb63-b8bf-4e5e-80a1-f874d429193b&gdpr=&gdpr_consent=
date
Fri, 10 Sep 2021 12:54:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersyncs
tags.feedad.com/1/ Frame 6C43 		42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=365aa3fc-bdd0-4286-a8dd-fb9f6e3f9fee
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
e2511e9558e3945ec3c20738f07e2543
cache-control
private
server
Google Frontend
content-type
image/gif
date
Fri, 10 Sep 2021 12:54:02 GMT
content-length
42
expires
Fri, 10 Sep 2021 12:54:02 GMT
setuid
ib.adnxs.com/ Frame 6C43
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=365aa3fc-bdd0-4286-a8dd-fb9f6e3f9fee
  • https://ib.adnxs.com/setuid?entity=388&code=d9baeb63-b8bf-4e5e-80a1-f874d429193b
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=388&code=d9baeb63-b8bf-4e5e-80a1-f874d429193b
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:02 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7c7b1476-b3d2-40dd-b41d-d7f2f10bd4dd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
//ib.adnxs.com/setuid?entity=388&code=d9baeb63-b8bf-4e5e-80a1-f874d429193b
date
Fri, 10 Sep 2021 12:54:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersyncs
api.feedad.com/1.1/web/ Frame 6C43 		42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=365aa3fc-bdd0-4286-a8dd-fb9f6e3f9fee
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
f83088afd9c923ba05f4d8923777a2f4
cache-control
private
server
Google Frontend
content-type
image/gif
date
Fri, 10 Sep 2021 12:54:02 GMT
content-length
42
expires
Fri, 10 Sep 2021 12:54:02 GMT
youronlinechoices_icon.png
eu.sportradarserving.com/ Frame 6C43 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.4.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-4-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
Last-Modified
Wed, 08 Sep 2021 09:22:51 GMT
ETag
16310929711319
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
image/png
Content-Length
1319
fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJT...
eu.sportradarserving.com/mimp/ Frame 6C43 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/mimp/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.4.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-4-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
/
servedby.flashtalking.com/imp/1/152991;5602468;201;jsappend;Sportradar;DESportsFeedSportradarAudienceBuy970x90/ Frame 6C43 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/152991;5602468;201;jsappend;Sportradar;DESportsFeedSportradarAudienceBuy970x90/?ft_c1=&ftOBA=1&ft_domain=ask.fm&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fask.fm%2F&gdpr=0&gdpr_consent=${GDPR_CONSENT_78}&us_privacy=${US_PRIVACY}&cachebuster=585715.2495397183
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app18.frk11 /
Resource Hash
ac2ad6c17aac6e0ffc07c191a0c713205c18daf70856307c1a72fbed3858889a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:02 GMT
Server
prod-xre-app18.frk11
X-HW
1631278442.dop216.fr8.t,1631278442.cds266.fr8.shn,1631278442.dop216.fr8.t,1631278442.cds149.fr8.sc,1631278442.cds149.fr8.p
Content-Type
text/javascript
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1722
Expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid.min.js
moevideo.biz/embed/player/1707/vpaid/ Frame F15C 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx /
Resource Hash
3c50e9629fa1a0f26d8a6a017db615c5fc46af69bf4f2e28f6f5e6b05336289e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
Last-Modified
Mon, 30 Aug 2021 11:41:37 GMT
Server
nginx
X-My-Name
s40
ETag
"612cc3f1-1c64"
Content-Type
application/javascript
Content-Length
7268
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.082
viralize_vpaid.min.9026482f.js
static.viralize.tv/ Frame FA80 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_vpaid.min.9026482f.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10d306265feb9fd46afe61797ff3eb234550e49d93624d80212d4761296ce1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
br
cf-cache-status
HIT
age
86079
x-guploader-uploadid
ADPycdsPuy3OU84YBtahS9TNprZMq2V8Aehs9_qlmBl3Cfj5wjjtiryzL_Lz3NJ8KIJP86xxbOMJM8RUxluY0kLr2KM
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 09 Sep 2021 12:54:55 GMT
server
cloudflare
etag
W/"9026482feeb11a8d20ff2d42d0817333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=rErZ1Q==, md5=kCZIL+6xGo0g/y1C0IFzMw==
x-goog-generation
1631192095681511
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
62513
cf-ray
68c8cd787bf65b9e-FRA
expires
Sun, 10 Oct 2021 12:54:02 GMT
j-5602468-3529838.js
cdn.flashtalking.com/xre/560/5602468/3529838/js/ Frame 6C43 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/560/5602468/3529838/js/j-5602468-3529838.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/152991;5602468;201;jsappend;Sportradar;DESportsFeedSportradarAudienceBuy970x90/?ft_c1=&ftOBA=1&ft_domain=ask.fm&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fask.fm%2F&gdpr=0&gdpr_consent=${GDPR_CONSENT_78}&us_privacy=${US_PRIVACY}&cachebuster=585715.2495397183
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0666f491ae4559e1f3861052f7443feed7c344699dc225bb3f5c0660e3086915

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Sep 2021 05:04:01 GMT
Server
Flashtalking (AKA)
ETag
W/"58dc0e9641c989130c537cb809101e05"
Vary
Accept-Encoding
X-Varnish
153960344
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Content-Length
23956
Expires
Fri, 10 Sep 2021 13:14:02 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 23D8 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278441107,,&us_privacy=&cb=1631278441759&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fcactussupply519&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fcactussupply519&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-10%2012:54:2&ranreq=0.6231675790958155&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278441107,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
context.js
an.yandex.ru/system/ 		292 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f357c45123b16f4074266500339d3378c68262dbaed2b47cc024711213c01db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
333470993
x-yandex-req-id
1631278442396474-651076980734763412400346-production-app-host-man-pcode-116
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 10 Sep 2021 13:54:02 GMT
d9core
d9.flashtalking.com/ Frame 6C43 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5602468/3529838/js/j-5602468-3529838.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.242.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-242-199.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
b7eadcc5361f1c0638361ecc69600378ddf67317d10d85c1b130f6131f4237b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3601
iframe
c.bannerflow.net/scripts/ Frame 1515 		1 KB
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5602468/3529838/js/j-5602468-3529838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
334b0a97ec6bd9277f5e2e9ccee5c95026a43510900d2b3b3ac8d448c8bdf903

Request headers

:method
GET
:authority
c.bannerflow.net
:scheme
https
:path
/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eu.sportradarserving.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-type
text/html
content-md5
O1ygtjalgtxvBklW+VAa0A==
last-modified
Tue, 12 May 2020 17:45:55 GMT
x-ms-request-id
7cd6d601-e01e-0018-1642-a63241000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c8cd78cb6e1f29-FRA
content-encoding
br
score.min.js
js.ad-score.com/ Frame 6C43 		430 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5602468/3529838/js/j-5602468-3529838.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
690ffda50762909fb778e25be1d99cd8e908476dfb993c3ecee01f25c4de2236

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 21:25:40 GMT
Content-Encoding
gzip
Age
55702
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 09 Sep 2021 21:25:40 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 3fd7afcdda21f0b562dfcbf7920c44a1.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P2
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
LMuI60YceXMfNW5-rS8A3IHa3GOqM2qySGCGjWTsIulSTgDTKS__OA==
Expires
Fri, 10 Sep 2021 21:25:40 GMT
moatad.js
z.moatads.com/betwayglobalftdisplay906661272790/ Frame 6C43 		297 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/betwayglobalftdisplay906661272790/moatad.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5602468/3529838/js/j-5602468-3529838.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b813529904299f779a45fa707fdc40c9e883fc265bc18e93f7924281398a4d11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 14:32:14 GMT
server
AmazonS3
x-amz-request-id
G4H9P3BSTDHDPHB1
etag
"70a7cb2647fea7905e9e4ca0a7358d18"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=41741
accept-ranges
bytes
content-length
102973
x-amz-id-2
LbLNqdDQ13nw4FANaAtm8u/86VIM5X4HC/rlDtgfwHF7sdNeXKng3qlf5+0iTFjwRAJKPAiCyQ8=
iconc.png
secure.flashtalking.com/oba/icon/ Frame 6C43 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:32 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish
561592233 535945524
Cache-Control
max-age=339098
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1308
Expires
Tue, 14 Sep 2021 11:05:40 GMT
/
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ 		2 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=78263940886
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
ac
www8.smartadserver.com/ 		16 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?pgid=692816&insid=5733718&tmstp=9830544765&out=js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:01 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
/
c1.adform.net/serving/cookie/match/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d5da3dddbeac10ccacfb4cf2f9574b1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g098_7006287559060276834
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZDVkYTNkZGRiZWFjMTBjY2FjZmI0Y2YyZjk1NzRiMQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJeZ0pWiNkxAow2z-XDBUAc&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=41ea13fe-0ad5-4532-a924-7a4ded1cc58a
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/d5da3dddbeac10ccacfb4cf2f9574b1&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-aSlYOchE2oP7KmKlUrr5.0kCjzyNlxaIPNz2F9lx~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=79558216986088634
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=5dd5613b-5569-4400-ac7a-833d3c1373c2&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=W6couTJp1MoG2D5&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAANuE7CdqsAAHjauSmkrA&gdpr=0
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YTtVagAAAmZurQA6&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
0
0
pandg-sdk.js
pghub.io/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:38:09 GMT
content-encoding
gzip
age
953
x-guploader-uploadid
ADPycdvSvCrDGLtj2IvAOytkuZCFnrq8xl4xMkIZKbcnZL36JwA2mjS8CmSMMkMvvqeVJJTKrvQAmzR8PuIkJkQaZQc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1482
last-modified
Wed, 07 Apr 2021 18:40:01 GMT
server
UploadServer
etag
"dd7e4933d35d1a7cb610442e9bea8b94"
vary
Accept-Encoding
x-goog-hash
crc32c=dtXWGA==, md5=3X5JM9NdGny2EEQum+qLlA==
x-goog-generation
1617820801121016
cache-control
public,max-age=3600
x-goog-stored-content-length
1482
accept-ranges
bytes
content-type
application/javascript
/
ads.viralize.tv/player/ Frame FA80 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1278441735&sid=01ec12362c063514b82413aa72e16a51&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bcfc5a773ab8e49739c8907c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ask.fm&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
befa7b6730402428d9818130a434450cbc8feed9777728920c535ff7a919b419

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame D13B 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
45469
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame D13B 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 11:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34056
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Sep 2022 11:02:51 GMT
polyfill.min.js
polyfill.io/v3/ Frame D13B 		101 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
4965799
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Wed, 14 Jul 2021 15:46:48 GMT
date
Fri, 10 Sep 2021 12:54:02 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D13B 		346 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe08c3a5fd2d4a0c5a4f33864bbb3bddc095f87d1aba54a588163f3370b33ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121963
x-xss-protection
0
expires
Fri, 10 Sep 2021 12:54:02 GMT
viralize_player.min.2f311be9.js
static.viralize.tv/ Frame D13B 		732 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.2f311be9.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5619551e2524d1359a848586c661da0966af70c18495b796b7ca40574aa0266

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
br
cf-cache-status
HIT
age
15729
x-guploader-uploadid
ADPycdv4EsVbsL9jusn-Z7OBG5nCmeljGq2ZNYIh96KJUvJOBAup6hpRTj0BGBiwFezQLGZtfdGeJOy4GQ5kR33x7nxlw1iq8g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 Sep 2021 08:27:29 GMT
server
cloudflare
etag
W/"2f311be9e78c3c47a2ec282977e5c195"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=AgaRLg==, md5=LzEb6eeMPEei7Cgpd+XBlQ==
x-goog-generation
1631262449864973
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
750059
cf-ray
68c8cd7ab91a5b9e-FRA
expires
Sun, 10 Oct 2021 12:54:02 GMT
tag
pandg.tapad.com/ Frame 648F 		174 B
665 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fask.fm%2Fcactussupply519&owner=P%26G&bp_id=showheroes&data=%7B%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
2a4244440a81878c0db4fbd16363fa8ff53cd48eca1b6732d761644a5a4a7120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pandg.tapad.com
:scheme
https
:path
/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fask.fm%2Fcactussupply519&owner=P%26G&bp_id=showheroes&data=%7B%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
strict-transport-security
max-age=31536000
content-security-policy-report-only
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1631278442452;Expires=Tue, 09 Nov 2021 12:54:02 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=21e2c742-253f-44e5-bb00-c0014c2404bf;Expires=Tue, 09 Nov 2021 12:54:02 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-length
174
via
1.1 google
alt-svc
clear
pixel.gif
px.moatads.com/ Frame 6C43 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=BETWAY_GLOBAL_FT_DISPLAY1&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631278442420&de=452662085407&m=0&ar=503c7d4-clean&iw=85d6c64&q=2&cb=0&ym=0&cu=1631278442420&ll=2&lm=3&ln=1&em=0&en=0&d=152991%3A17602%3A5602468%3A3529838&zMoatMMStrategy=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&bo=ask.fm&bd=ask.fm&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=betwayglobalftdisplay906661272790&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A373%3A373%3A0%3A125&fs=194337&na=1201677256&cs=0
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:02 GMT
610a76f4256010b5f790cc58
c.bannerflow.net/a/ Frame 1515 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/610a76f4256010b5f790cc58?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288f53c9b416b02149af1d4a1e80a6cb7dd255742206b2ce59b8abce5b21692a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
68c8cd79bcec1f29-FRA
link
<https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966809/1214684/preload.jpg>; rel=preload; as=image
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
i
vid-io-cle.springserve.com/vd/ Frame 805C 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=56386aa4&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.29.116 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-29-116.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:02 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 805C 		0
0
Cookie set vpaid
moevideo.biz/embed/ Frame DB5C 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
fd43f942f86285972e1a851578ace2d1fa6076aa6dea6f6067e7f523779743f5

Request headers

Host
moevideo.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.38
Set-Cookie
mvuid=2aeac8bf8f14ce5af194;expires=Sat, 10-Sep-2022 15:54:02 GMT;Max-Age=31536000;path=/;SameSite=None mvsid=453ade90-9011-4880-943e-928572e7e4e8;path=/;SameSite=None
X-My-Adv-Time
0.00251293182373
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Fri, 10 Sep 2021 12:54:02 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.01
X-Mv-Embed-Version
1373
X-My-Name
s35
X-My-Reqtime
0.105
Content-Encoding
gzip
cors
data.ad-score.com/data/ Frame 6C43 		60 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=c4db0bb0f08bd7294afabbba&pm_pl=1631278442625&pm_td=13&pid=1000791&en=1.1&callback=__pm_glbl_eV2OWD47z32DMOckkBATKNMu._gc1&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
258f64bee111668968010bcbfc6282820dd36a703868d81839c9930dc82d4e1c

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:03 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://eu.sportradarserving.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
60
truncated
/ Frame 513E 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6C43 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
preload.jpg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966809/1214684/ Frame 1515 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966809/1214684/preload.jpg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed16e1f9f8ee4b45970f8af91c65e1ef9434319912b06a0fc3471edddae3d062

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 12:54:02 GMT
cf-cache-status
HIT
age
2684024
content-length
7497
x-ms-lease-status
unlocked
last-modified
Tue, 10 Aug 2021 11:20:06 GMT
server
cloudflare
etag
0x8D95BF0CE69B66B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
0a65c714-f01e-0049-70d9-8dafcd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
68c8cd7b8fa51f29-FRA
cf-bgj
h2pri
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 6C43 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-103.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish
122419651 121928791
Cache-Control
max-age=1158
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5953
Expires
Fri, 10 Sep 2021 13:13:20 GMT
0150ffea-9a45-4097-a444-ed43a1508d1a
https://eu.sportradarserving.com/ Frame 6C43 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://eu.sportradarserving.com/0150ffea-9a45-4097-a444-ed43a1508d1a
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ Frame 6C43 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=c4db0bb0f08bd7294afabbba&pm_pl=1631278442625&pm_td=228&pid=1000791&en=1.1&callback=__pm_glbl_eV2OWD47z32DMOckkBATKNMu._gc2&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 12:54:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ Frame 6C43 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
polyfill.min.js
polyfill.io/v3/ Frame D13B 		101 B
137 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
4965800
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Wed, 14 Jul 2021 15:46:48 GMT
date
Fri, 10 Sep 2021 12:54:02 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
pixel.gif
px.moatads.com/ Frame 6C43 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fc.bannerflow.net%2Fscripts%2Fiframe%3Fdid%3D5dc013805badb900016a47c1%26deeplink%3Don%26a%3D610a76f4256010b5f790cc58%26redirecturl%3Dhttp%253A%252F%252Fservedby.flashtalking.com%252Fclick%252F1%252F152991%253B5602468%253B3529838%253B211%253B0%253Furl%253Dhttps%253A%252F%252Fbetway.de%252Fbwp%252Fsports-welcome-mr-instinkt-soccer-de%252Fde-de%252F%253Fs%253Dbw213892%2526a%253DDDR3259481681987463%2526utm_medium%253Ddisplay%2526utm_source%253DSportradar%2526utm_campaign%253DFeed%2526utm_content%253DAlwaysOn&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-R2Yyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631278442420&de=452662085407&cu=1631278442420&m=82&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A373%3A373%3A0%3A125&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=60&cd=0&ah=60&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602468%3A3529838&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=779125559&cs=0
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:02 GMT
661657f2759065c08f43.js
yastatic.net/partner-code-bundles/43447/ 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43447/661657f2759065c08f43.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
aa1cfed1a9a07ce73fe93c1ba6d474db5fb4dc2081f8bd94444be5204e632d60
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17390
last-modified
Thu, 09 Sep 2021 15:27:42 GMT
server
nginx/1.17.9
etag
"fde3677e085e823ea6fbb39e86bc6e32"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 19:26:27 GMT
host.js
yastatic.net/safeframe-bundles/0.82/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.82/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8879
last-modified
Mon, 28 Jun 2021 10:29:24 GMT
server
nginx/1.17.9
etag
"e4627697ff619d2b610d2b2fee975531"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 19:29:30 GMT
c8872c8d73888e78c628.js
yastatic.net/partner-code-bundles/43447/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43447/c8872c8d73888e78c628.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
81e882f9dcaa9b198ce6f04005a11caec7d8b7a10d14a6ebe223b0135193cc4e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4459
last-modified
Thu, 09 Sep 2021 15:27:42 GMT
server
nginx/1.17.9
etag
"52ab83ff0ad5f917cd247e6d8a3bdc14"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 19:26:50 GMT
8b06666274b4aae5804c.js
yastatic.net/partner-code-bundles/43447/ 		1 MB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43447/8b06666274b4aae5804c.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
334631bba8f046f05e088386fda836476680cdb8920919dd666879c905e40fba
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
206588
last-modified
Thu, 09 Sep 2021 15:27:42 GMT
server
nginx/1.17.9
etag
"964f1a92586d767a3f54d4a8940e4a7d"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 19:27:00 GMT
d568138d5d0a99ddb429.js
yastatic.net/partner-code-bundles/43447/ 		337 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43447/d568138d5d0a99ddb429.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
82da2ddb7612ff4bffd6abc5f89684ffac5604f451f128d35f1ddbba5f2e20b4
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
62611
last-modified
Thu, 09 Sep 2021 15:27:42 GMT
server
nginx/1.17.9
etag
"65bfdd56768ae11dd43f471d1127f8d5"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 19:27:00 GMT
lgc
d9.flashtalking.com/ Frame 6C43 		103 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.242.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-242-199.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
846b194e92a819c14244a0293f1e3c0b135d1f942db64462258dc669f695b29f

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 10 Sep 2021 12:54:01 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://eu.sportradarserving.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Content-Length
79
advast
ice.360yield.com/ Frame D13B 		27 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22424681&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fask.fm&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.206.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-206-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:03 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame D13B 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec12362c063514b82413aa72e16a51&item=YWRuXzU4ODWl2fkMABKEIg%3D%3D.1.wp1sc1
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:03 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 62AD 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:03 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
cors
data.ad-score.com/data/ Frame 6C43 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=c4db0bb0f08bd7294afabbba&pm_pl=1631278442625&pm_td=364&pid=1000791&en=1.1&callback=__pm_glbl_eV2OWD47z32DMOckkBATKNMu._gc3&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 12:54:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
1
mc.yandex.com/watch/48953915/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A1%3Als%3A604330922601%3Ahid%3A668703111%3Az%3A0%3Ai%3A202109010125402%3Aet%3A1631278443%3Ac%3A1%3Arn%3A515110991%3Arqn%3A2%3Au%3A1631278440708263106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1631278439185%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1767%2C1767%2C13%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1767%2C1767%2C13%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631278443
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
last-modified
Fri, 10-Sep-2021 12:54:03 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:03 GMT
652294
an.yandex.ru/meta/ 		219 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/652294?grab=dGxhd3NvbnNwZW5jZXIxOTggKEBjYWN0dXNzdXBwbHk1MTkpIOKAkyBGcmFnIG1pY2ggYWxsZXMgfCBBU0tm&target-ref=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&pcode-test-ids=415665%2C0%2C41%3B411839%2C0%2C81%3B413059%2C0%2C73%3B416749%2C0%2C46%3B400734%2C0%2C34%3B416575%2C0%2C65&pcode-flags-map=%7B%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22415665%22%7D%5D%2C%22VISIBILITY_SLOT_NODE%22%3A%5B%7B%22value%22%3A%22containerNode%22%2C%22testId%22%3A%22411839%22%7D%5D%2C%22ADSDK_FIXED_VER%22%3A%5B%7B%22value%22%3A408121%2C%22testId%22%3A%22411839%22%7D%5D%2C%22COMBO_NEW_DESIGN%22%3A%5B%7B%22value%22%3A%22whiteBlur%22%2C%22testId%22%3A%22411839%22%7D%5D%2C%22SMART_BANNER_INDICATOR_CLICKS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22413059%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22400734%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2243447%22%2C%22testId%22%3A%22416575%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=5105679731631278442&duid=MTYzMTI3ODQ0MDcwODI2MzEwNg%3D%3D&imp-id=2&enable-flat-highlight=1&test-tag=241342802296834&ad-session-id=3737661631278442998&target-id=79185103&tga-with-creatives=1&pcode-version=43447&pcodever=43447&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A1%2C%22left%22%3A584%2C%22top%22%3A982%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&uniformat=true&callback=Ya%5B9353226913054%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
4455b1dcc6d914ad05ce4909da51de19f20cd99020ff20e98ab5fea35a29db0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 12:54:03 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1631278443044563-1235207043916903736200344-production-app-host-man-pcode-36
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 10 Sep 2021 12:54:03 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 648F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=21e2c742-253f-44e5-bb00-c0014c2404bf&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=41ea13fe-0ad5-4532-a924-7a4ded1cc58a&ttd_puid=21e2c742-253f-44e5-bb00-c0014c2404bf
95 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=41ea13fe-0ad5-4532-a924-7a4ded1cc58a&ttd_puid=21e2c742-253f-44e5-bb00-c0014c2404bf
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fask.fm%2Fcactussupply519&owner=P%26G&bp_id=showheroes&data=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=41ea13fe-0ad5-4532-a924-7a4ded1cc58a&ttd_puid=21e2c742-253f-44e5-bb00-c0014c2404bf
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
347
pixel
c.bannerflow.net/tr/v2/ Frame 1515 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc58?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd7ce9bb1f29-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
pixel.gif
px.moatads.com/ Frame 6C43 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-R2Yyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631278442420&de=452662085407&cu=1631278442420&m=446&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A373%3A373%3A0%3A125&aa=0&ad=185&cn=0&gk=185&gl=0&ik=185&ic=185&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=60&cd=60&ah=60&am=60&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602468%3A3529838&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=1911641362&cs=0
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:03 GMT
cors
data.ad-score.com/data/ Frame 6C43 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=c4db0bb0f08bd7294afabbba&pm_pl=1631278442625&pm_td=426&pid=1000791&en=1.1&callback=__pm_glbl_eV2OWD47z32DMOckkBATKNMu._gc4&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 12:54:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
48953915
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=668703111&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&rn=474985515&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631278443%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010125403%3Au%3A1631278440708263106%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631278443
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
last-modified
Fri, 10-Sep-2021 12:54:03 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:03 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=668703111&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&rn=275451848&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1631278443%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010125403%3Au%3A1631278440708263106%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631278443
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
last-modified
Fri, 10-Sep-2021 12:54:03 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:03 GMT
styles.css
moevideo.biz/embed/player/1707/skins/gray/ Frame DB5C 		54 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Aug 2021 11:40:34 GMT
Server
nginx
X-My-Name
s41
ETag
W/"612cc3b2-d99f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
1.941
mvplayer.min.js
moevideo.biz/embed/player/1707/ Frame DB5C 		580 KB
580 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx /
Resource Hash
bd204debaaee1468075efbf39237f0e7e60da7ae5c1130a0eace92b59f578585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:03 GMT
Last-Modified
Mon, 30 Aug 2021 11:41:48 GMT
Server
nginx
X-My-Name
s13
ETag
"612cc3fc-90ecf"
Content-Type
application/javascript
Content-Length
593615
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.093
set
playreplay.me/api/cookie/ Frame DB5C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222aeac8bf8f14ce5af194%22},{%22key%22:%22mvsid%22,%22value%22:%22453ade90-9011-4880-943e-928572e7e4e8%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.54 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f51.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.092
set
thesame.tv/api/cookie/ Frame DB5C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222aeac8bf8f14ce5af194%22},{%22key%22:%22mvsid%22,%22value%22:%22453ade90-9011-4880-943e-928572e7e4e8%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.191 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f31.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.087
set
moevideo.biz/api/cookie/ Frame DB5C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222aeac8bf8f14ce5af194%22},{%22key%22:%22mvsid%22,%22value%22:%22453ade90-9011-4880-943e-928572e7e4e8%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.081
set
cs-0.moevideo.biz/api/cookie/ Frame DB5C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222aeac8bf8f14ce5af194%22},{%22key%22:%22mvsid%22,%22value%22:%22453ade90-9011-4880-943e-928572e7e4e8%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.15 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.097
set
playreplay.net/api/cookie/ Frame DB5C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222aeac8bf8f14ce5af194%22},{%22key%22:%22mvsid%22,%22value%22:%22453ade90-9011-4880-943e-928572e7e4e8%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.54 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f51.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.083
/
servedby.flashtalking.com/state/5602468;3529838;0;401;20877938-3A83-B9F4-D401-B71114E9591E/ Frame 6C43 		42 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/5602468;3529838;0;401;20877938-3A83-B9F4-D401-B71114E9591E/?ft_data=d9:47280623d6ae4788be168a88f7a391fc;d9s:47280623d6ae4788be168a88f7a391fc&cachebuster=365477305
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app29.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:03 GMT
Server
prod-xre-app29.frk11
X-HW
1631278442.dop216.fr8.t,1631278442.cds266.fr8.shn,1631278442.dop216.fr8.t,1631278443.cds149.fr8.sc,1631278443.cds149.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
s.richaudience.com/vid/MP_Ua8BIWjxkR/1631278442/ Frame D13B 		160 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/vid/MP_Ua8BIWjxkR/1631278442/?hasConsent=1&consentString=&mref=https%3A%2F%2Fask.fm&fp=130
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-max-age
86400
access-control-allow-credentials
true
/
ads.viralize.tv/t-bid-opportunity/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec12362c063514b82413aa72e16a51&item=YWRuXzU0MDa7VgRR7a8xUg%3D%3D.2.wp2sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D13B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec12362c063514b82413aa72e16a51%3A0%3AYWRuXzU4ODWl2fkMABKEIg%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU4ODWl2fkMABKEIg%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
280214
search.spotxchange.com/vast/2.0/ Frame D13B 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/280214?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm&cb=1631278442&player_width=432&player_height=243&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000372
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.012930
Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:08 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Exception
0.000016
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.008210
X-SpotX-Timing-Transform
0.000332
X-SpotX-Timing-SpotMarket
0.008210
X-fe
081
X-SpotX-Timing-Page-Misc
0.003433
Content-Length
77
X-SpotX-Timing-Page-Context
0.000325
Last-Modified
Fri, 10 Sep 2021 12:54:08 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'ask.fm' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000210
/
ads.viralize.tv/t-bid-opportunity/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec12362c063514b82413aa72e16a51&item=YWRuXzQ2MjEalpzxTDwl2A%3D%3D.3.wp3sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
652294
mc.yandex.com/watch/ 		295 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A1%3Als%3A772066380839%3Ahid%3A668703111%3Az%3A0%3Ai%3A202109010125403%3Aet%3A1631278443%3Ac%3A1%3Arn%3A658928252%3Au%3A1631278440708263106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1631278439185%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631278443%3At%3Alawsonspencer198%20(%40cactussupply519)%20%E2%80%93%20Frag%20mich%20alles%20%7C%20ASKfm
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7db6f55ad0876e2e00b75bc9c0a1f844cb9f6535a51526fad76357a57ac82a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 10-Sep-2021 12:54:03 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
295
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:03 GMT
652294
an.yandex.ru/meta/ 		219 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/652294?grab=dGxhd3NvbnNwZW5jZXIxOTggKEBjYWN0dXNzdXBwbHk1MTkpIOKAkyBGcmFnIG1pY2ggYWxsZXMgfCBBU0tm&target-ref=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&pcode-test-ids=415665%2C0%2C41%3B411839%2C0%2C81%3B413059%2C0%2C73%3B416749%2C0%2C46%3B400734%2C0%2C34%3B416575%2C0%2C65&pcode-flags-map=%7B%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22415665%22%7D%5D%2C%22VISIBILITY_SLOT_NODE%22%3A%5B%7B%22value%22%3A%22containerNode%22%2C%22testId%22%3A%22411839%22%7D%5D%2C%22ADSDK_FIXED_VER%22%3A%5B%7B%22value%22%3A408121%2C%22testId%22%3A%22411839%22%7D%5D%2C%22COMBO_NEW_DESIGN%22%3A%5B%7B%22value%22%3A%22whiteBlur%22%2C%22testId%22%3A%22411839%22%7D%5D%2C%22SMART_BANNER_INDICATOR_CLICKS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22413059%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416749%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416749%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22400734%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2243447%22%2C%22testId%22%3A%22416575%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=5105679731631278442&duid=MTYzMTI3ODQ0MDcwODI2MzEwNg%3D%3D&imp-id=1&enable-flat-highlight=1&test-tag=241342802296834&ad-session-id=3737661631278442998&target-id=90941621&tga-with-creatives=1&pcode-version=43447&pcodever=43447&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A1%2C%22left%22%3A584%2C%22top%22%3A982%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&uniformat=true&callback=Ya%5B2318189376583%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
a2fa359af410cfec360147b04e6802bcc6107bc9ce6ed1d012efa10f5fa8efb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 12:54:03 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1631278443221732-591027604174725253900281-production-app-host-man-pcode-92
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 10 Sep 2021 12:54:03 GMT
/
ads.viralize.tv/track/ Frame D13B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec12362c063514b82413aa72e16a51%3A0%3AYWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
1
mc.yandex.com/watch/652294/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294/1?page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A843%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A1%3Als%3A772066380839%3Ahid%3A668703111%3Az%3A0%3Ai%3A202109010125403%3Aet%3A1631278443%3Ac%3A1%3Arn%3A243150714%3Arqn%3A1%3Au%3A1631278440708263106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1631278439185%3Ads%3A8%2C311%2C184%2C95%2C0%2C0%2C%2C162%2C126%2C1767%2C1767%2C13%2C675%3Adsn%3A7%2C311%2C185%2C94%2C%2C0%2C%2C77%2C127%2C1767%2C1767%2C13%2C675%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631278443
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
last-modified
Fri, 10-Sep-2021 12:54:03 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:03 GMT
652294
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294?page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A1%3Als%3A772066380839%3Ahid%3A668703111%3Az%3A0%3Ai%3A202109010125403%3Aet%3A1631278443%3Ac%3A1%3Arn%3A9166809%3Arqn%3A2%3Au%3A1631278440708263106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1631278439185%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631278443%3At%3Alawsonspencer198%20(%40cactussupply519)%20%E2%80%93%20Frag%20mich%20alles%20%7C%20ASKfm
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
last-modified
Fri, 10-Sep-2021 12:54:03 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:03 GMT
action
www8.smartadserver.com/track/ Frame C712 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1631278441706&pid=1438277&iid=10104881&cid=0&key=viewcount&rtb=1&rtbbid=460599969362581564&rtbet=0&rtblt=637668752413389672&rtbnid=2079&rtbh=b07bfcb32615cdaa86242cf6db1146427876c4e0&ts=1631278441706
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:02 GMT
transfer-encoding
chunked
content-type
image/gif
cors
data.ad-score.com/data/ Frame 6C43 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=c4db0bb0f08bd7294afabbba&pm_pl=1631278442625&pm_td=770&pid=1000791&en=1.1&callback=__pm_glbl_eV2OWD47z32DMOckkBATKNMu._gc5&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 12:54:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
ad
v.lkqd.net/ Frame F5CC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=54348506&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
42f3c743155b5fd69a1b27ce2847c0e90aabf80ae3936128eb73efc6d0ac567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1344
fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJT...
eu.sportradarserving.com/vimp/ Frame 6C43 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/vimp/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.4.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-4-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
vpaid.js
ad.lkqd.net/vpaid/ Frame 413D 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631278443.cds142.fr8.hn,1631278443.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame 912C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278443.cds142.fr8.hn,1631278443.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=54348506&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:03 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 413D 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=54348506&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
42761907775a3869fbd2b51a15a5bf53e8b3204e799a708a505f97b6b740ba97

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2111
cs
cs.lkqd.net/ Frame 912C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 912C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 912C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 912C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 912C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel.gif
px.moatads.com/ Frame 6C43 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-R2Yyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631278442420&de=452662085407&cu=1631278442420&m=1288&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A373%3A373%3A1129%3A125&aa=1&ad=1028&cn=185&gn=1&gk=1028&gl=185&ik=1028&ic=1028&ez=1&co=1028&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1068&cd=60&ah=1068&am=60&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602468%3A3529838&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=705131019&cs=0
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:03 GMT
pixel.gif
px.moatads.com/ Frame 6C43 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-R2Yyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631278442420&de=452662085407&cu=1631278442420&m=1292&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A373%3A373%3A1129%3A125&aa=1&ad=1028&cn=1028&gn=1&gk=1028&gl=1028&ik=1028&ic=1028&ez=1&co=1028&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1068&cd=1068&ah=1068&am=1068&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602468%3A3529838&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=1642223579&cs=0
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:03 GMT
pixel.gif
px.moatads.com/ Frame 6C43 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-R2Yyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631278442420&de=452662085407&cu=1631278442420&m=1295&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A373%3A373%3A1129%3A125&aa=1&ad=1028&cn=1028&gn=1&gk=1028&gl=1028&ik=1028&ic=1028&ez=1&co=1028&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1068&cd=1068&ah=1068&am=1068&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602468%3A3529838&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=1522294658&cs=0
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:03 GMT
t
t.lkqd.net/ Frame 8D32 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:03 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:03 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:03 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 8D32 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
cors
data.ad-score.com/data/ Frame 6C43 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=c4db0bb0f08bd7294afabbba&pm_pl=1631278442625&pm_td=1270&pid=1000791&en=1.1&callback=__pm_glbl_eV2OWD47z32DMOckkBATKNMu._gc6&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 12:54:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
widget.81c6784b5877a281166d.js
c.bannerflow.net/scripts/ Frame 1515 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.81c6784b5877a281166d.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc58?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
407837d8c439977d467f0868cc7be102ffbe3e0d354b3375cbf5d60804d98fd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
iPO6K46q8/CbzZoIAMTVog==
age
3613451
cf-polished
origSize=19905
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jul 2021 12:49:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
78aa67c6-a01e-0044-4e65-856719000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
68c8cd827acc1f29-FRA
cf-bgj
minify
feed.72c1100847dd73ecbd0a.js
c.bannerflow.net/scripts/ Frame 1515 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/feed.72c1100847dd73ecbd0a.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc58?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09a1035ead5512982d8e543a9f0ca11d44a49f301e105236bd0f32cf6da3e120

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
mCALpUEGzShtLdm5CRhzxA==
age
3631396
cf-polished
origSize=5343
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jul 2021 12:49:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
42901388-701e-0078-563b-854ede000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
68c8cd827ace1f29-FRA
cf-bgj
minify
document.5cc1a1d250.js
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966809/1214684/ Frame 1515 		102 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966809/1214684/document.5cc1a1d250.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc58?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577c219be707f0fd68f4bf96b12882451f14f01164d2c541a52db2caa810ebf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
XMGh0lCgvz9nHry9CMlUog==
age
2684024
cf-polished
origSize=108057
x-ms-lease-status
unlocked
last-modified
Tue, 10 Aug 2021 11:20:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
16651823-f01e-0082-23d9-8dac98000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
68c8cd827acf1f29-FRA
cf-bgj
minify
animated-creative.3e2f59a6b242873c0282.js
c.bannerflow.net/scripts/ Frame 1515 		131 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.3e2f59a6b242873c0282.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc58?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21e8894208f8d634fc7efcad5afa5d3bef4a18a9525d01392cddb6b808691c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 12:54:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3uwMcSr/fpqz/DEHIqBWYw==
age
3645639
cf-polished
origSize=133712
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jul 2021 17:12:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3ad89df4-901e-005f-6f1a-85591a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
68c8cd827ad41f29-FRA
cf-bgj
minify
truncated
/ Frame 1515 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
60d0815c37670160b4539414.json
c.bannerflow.net/sfeeds/581701278d987c10bca61aed/ Frame 1515 		19 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/sfeeds/581701278d987c10bca61aed/60d0815c37670160b4539414.json
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/feed.72c1100847dd73ecbd0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9b1f42d0a9b100d27138d26ebcacaff27ec31f617b67a209bfe8a3362124d54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
344
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=600, stale-if-error=28800, stale-while-revalidate=28800
cf-ray
68c8cd83dcb61f29-FRA
request-context
appId=cid-v1:75ea8019-1544-4ba8-a6db-e73bdcff9d5b
font
c.bannerflow.net/fs/api/v2/ Frame 1515 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F7b49bac3-4e85-4c34-b3ea-72a1852603f7.woff&t=%20%24%2C%2F012356%40ABCDEHINORSUZkmnortux%C2%A3%E2%82%AC%E2%82%B9
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79902b0180a228985c5f89c1ee05083861390e437de9600b3756c8edc32833c9

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin
https://c.bannerflow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cf-cache-status
HIT
server
cloudflare
age
3117798
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=7b49bac3-4e85-4c34-b3ea-72a1852603f7-subset.woff
cf-ray
68c8cd840cf91f29-FRA
expires
Fri, 05 Aug 2022 10:50:46 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 1515 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F8586c66f-7c84-4e0e-881c-e8dca530b008.woff&t=%20%26%27%2B.18%40ACEGKSTVacdeghijklmnoprstuvxy%7C%C3%A4%C3%A5%C3%BC%D8%A3%D8%A7%D8%A8%D8%AA%D8%AD%D8%B1%D8%B4%D8%B7%D9%82%D9%83%D9%84%D9%85%D9%88%E0%A4%82%E0%A4%94%E0%A4%97%E0%A4%A4%E0%A4%A8%E0%A4%AE%E0%A4%AF%E0%A4%B0%E0%A4%B2%E0%A4%B6%E0%A4%BE%E0%A4%BF%E0%A5%82%E0%A5%87%E0%A5%8D
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47f24e87af9697fea839c98bb060789be65892c3c6500632d5db312590400344

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin
https://c.bannerflow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cf-cache-status
HIT
server
cloudflare
age
2682697
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=8586c66f-7c84-4e0e-881c-e8dca530b008-subset.woff
cf-ray
68c8cd840cfd1f29-FRA
expires
Wed, 10 Aug 2022 11:42:27 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 1515 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F42eeb52d-4ab8-44ad-9b90-6a5b55a7192c.woff&t=%20%27%40ACDEGIJKLNORSTYetx%C3%96%D8%A5%D8%B6%D9%85%D9%86%E0%A4%82%E0%A4%95%E0%A4%9C%E0%A4%9F%E0%A4%B0%E0%A4%B8%E0%A4%BF%E0%A5%87%E0%A5%8D
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548d56f93a6178c16825a79ab897b01652aca5b1bda32c07c6d7ba550b13aeab

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc58&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602468%3B3529838%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin
https://c.bannerflow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cf-cache-status
HIT
server
cloudflare
age
2500245
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=42eeb52d-4ab8-44ad-9b90-6a5b55a7192c-subset.woff
cf-ray
68c8cd840d001f29-FRA
expires
Fri, 12 Aug 2022 14:23:19 GMT
optad360.js
serving.stat-rock.com/player/ 		307 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 07:45:44 GMT
server
nginx
etag
W/"6135c728-4caf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
/
adx.adform.net/adx/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTA1M2UwM2Q0LTgxYTAtNDA5MC04OTIwLTM2ZjdjMDRiMWY2NyZyY3VyPVBMTg%3D%3D&pt=gross&stid=9f358f8a-28f6-4925-8e76-502aa450600e&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ba035cdbd3f36ad13f51ae65d8936311e46cd3f9cf65684892f6b1f05401aa06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f050c9ec734121a1688a36225b4b5b05eb5337504cc07f7d6869654933345e67
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dda1a921-a55d-44a2-93b0-88c144fd0b93
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b04e63db4ab9aef3c7ec9013344a95f80daaeb8616d368420a28266b6920659f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4d474fa3-eca8-4d2f-b60f-2a5e6e9b92ea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
optimize
c.bannerflow.net/io/api/image/ Frame BE16 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Fe56741f2-e1b9-4438-b2ab-ed263b2e70c2.png&w=104&h=90&q=90&f=webp&rt=contain
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9811c1becea5c0c134342f37f302f4362f781675ae5e131f45e8a5434a97d2d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
53329
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
68c8cd84add51f29-FRA
content-length
3454
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
717f7a99-6bee-4744-a66c-3442b78fe3e7.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame BE16 		27 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/717f7a99-6bee-4744-a66c-3442b78fe3e7.svg
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1dd11385bf9a9e2e67c1107000d9e30010e95da3ef8b8c29b1b5c5071546595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
JDZegjfRvShKsHUH2G1lsg==
age
2907
x-ms-lease-status
unlocked
last-modified
Mon, 21 Jun 2021 11:53:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8220472f-901e-005f-48e4-89591a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
68c8cd84add91f29-FRA
60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame BE16 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115d3d222e948b73289c8180d4c821ae08feed8d7c3c62d7abff966e1f890bbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7YVF1fdK2DQLVpofOPigCA==
age
2907
x-ms-lease-status
unlocked
last-modified
Wed, 02 Jun 2021 09:28:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b67a7397-e01e-0027-6be4-89fae2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
68c8cd84adda1f29-FRA
9e2bc361-3646-41a4-a61c-2f9c8b372d9d.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame BE16 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/9e2bc361-3646-41a4-a61c-2f9c8b372d9d.svg
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a566ae2a1e7934ac507ab1f3f7b34f7f7d4a2ecf6463c98cb1b2305e8efb19f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
z/n/saqDL/0Fn4YhkL3Dgg==
age
981
x-ms-lease-status
unlocked
last-modified
Wed, 21 Jul 2021 11:46:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fe8fb778-f01e-0092-06e7-8969f0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
68c8cd84ce1b1f29-FRA
optimize
c.bannerflow.net/io/api/image/ Frame 5B7F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Ffa473745-880c-42d3-9470-5aed7b5ae848.png&w=130&h=135&q=90&f=webp&rt=contain
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2b85ac1f278e16f50127dc46574bef15d731608a21d5eeeb7fea8813599270

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
4292
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
68c8cd84ee4b1f29-FRA
content-length
7068
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 5B7F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Ffa473745-880c-42d3-9470-5aed7b5ae848.png&w=130&h=135&q=90&f=webp&rt=contain
Requested by
Host:
URL: widget-dc307f45-dbf8-4d8f-845b-c6d89cfe61d7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2b85ac1f278e16f50127dc46574bef15d731608a21d5eeeb7fea8813599270

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
4292
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
68c8cd850ead1f29-FRA
content-length
7068
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
ad
v.lkqd.net/ Frame F5CC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=80755725&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
175220fd96c68c199b07b3e496a9a6ce1fc52d7ba23bf732cacd9a010760c2e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1345
vpaid.js
ad.lkqd.net/vpaid/ Frame B9F3 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631278444.cds142.fr8.hn,1631278444.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
vast
bid.g.doubleclick.net/dbm/ 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C5hyN5zPX0Wwgy0nNEOh5SGi-8IQfwgxkVls0weLlBWTv9kNNtcj-oi7eXgdJoffxEP5MuDus9TA079-lvWtHbBaTnHQ&cry=1&dbm_d=AKAmf-AYrZdgungzpI_-_QiuJNTJQ9Oc-9he1uliKYrWj25kWP1FBW8mr3jJ3zqxAiJFUe-xDNGLbAj51qKWv1pEty2t1vIpB2_RpmJuC0TXQXOwomaX12qz-2RpiW93c5qRh7xKWbczMdvAITMnNMlkH_QxiIv7x-0qeJYriiOUurdmKyzmTTFJD7IDZhQCgNfvxb5JlF8gF1K3bLpc9tM3S_7uVAQAGhUGYDukIMeGWvbS9TegBoqeeP8jAQRwVjwo69aggK1vknld6X8VIM-U3MI1WQjEeLghC2wQD1pswF2BAz2ZUc3ALCDCcGrl9dX1Ho6d22qoT6diNuLWCi3acyHWFUh40W5p06g1OeSrO2fYC-Q7_2NMWQgS7M22EXj04St_EAlcUcoHe78tJ_-GP81wXnm6c4w456WM8-7gE26nB1nMaTuoABXmvxXmDZyss-OQLW8ajKq2Swp9Y3xbklDsJfY4KR5IpqDlc8KtVXuRaxI7Jgm0xMWp4CWNOGw4q4n-2u6dAnTiIrHjxcWILhytG8FWZOLtQqTif3lp3hXYeyZSzFvVi26sjwgH3KyrY8CKuGobQRy9Ex4b6o3TIy_HmajX15MFBXVW-CFWbxtjwD8WsnP_vi2JCzWa8BXNFkh7ZCblXi8JcGsafcVq8vmOCI8vM-EeKlRqhaHyEdZZ_ke5zN4biMGNyMpUt-be4XLL0TzeiqAQ5Tf1VAF2-cbbGzJeh_Izi_SXF1eCnUZYk0Sye2BS5pn9oROjEZexqg1MHpv9ANYnxng1Ts_5AD1XsujPs6VFBBkbUhao6Zk7MmnyamWPRT2GgqciBUlEeSkOrxFEMVbnHYdd4hVtsnnuWmlEvig46S31L9vJm4aJ0YMo3llpkc4V24kCfNRMEOCWeqOeTDu7LDwhMDgEDXSVuPS4AS8AD9Abmft5B8CuQ8ykhzZ1p2lbiyLqtnLecHmT_o6pDBZE-55zSADN8CBEzxMR4AcSG_76CBWNbnrzfF_0xnqxsY0vLAjx2BpqfoKPdF20VD0X9bQUw3u16ews4_ruOmwVDMltZX_RW1jdwanugvSoZIOjPBMZ4dhawZaxTEmWDuWE_RbYmdJyupLFR4fPJYIy7QvBjYFI9rTZiMvBudIklhux1xi-Z8YprC5mGFjGQICWI5iv4qCg2mgSlvuadHllimkmkqIMq-Kvvdov6E2YIj8qDChVvcfzVC73jHQSeHWqL3r2ZWuyC2OPY2zCvHByPsXlCktYQH0q_fIzSyUx9qTenDkphXcW2uZt3M1SsnJSe0TwQqO1svAIyKbSf5FQ3jXgrjMHEkaCGE2kUdB7ki1lF-lgfM-xd4PVIsNjgYkKhrbaUmFbSff0rDsUSUPQBabwEV6Z9NIGncA28FMIYIbUZYCW1Ao6e13EyjG4poL9UZCH4SouyvOIRSdHqK37btyTJqbJrrE6bcEwtDCmTiUv6N3Og7Ydzk8yJqjDUMsrmDGLTfTFY9OnyFPrm3G0onP4I7w0pAHY3qTr9-ptjUX31zy6Qo_xlk60zXTwT8HJG_p2ucelhQgM90lSVokuK0hg3NlxcGiw_RcGVDvcdlzkWdXEoiYkWIucjoR34P8XAbnaVg60q6jmL95d5Fz30VAaItclK2or23pN4Ih6gGuVMwdp7_5yhPK2VMzjiCihbro7ccmj_hHGIcGx9YzMHlUOzQARTUZYC843_9eic2IGCpgRGwxSCpqTK1RJiSdEwOFkvH_Krbtw7ried40rz35yTklsFr2dsM4OzxqZ1g9-b1W4SkXMS7DGYKwzBO1U1LLxtx7D_B8XDeej1sarNUCNIDfTM1YJeb-N6fzStjuAYxB4epN-Xq3zftMN9daqtk-0fUESYbKCiExI5OG5q6VhsKfAJionVaB-d4Idy_u_AU5BO8uP6bxplyJUuRACKJo4zOTFq1Bco5RW69HuGypHZJ7SgV-jE1JAy4VgRtcuZUgruqv_AvDlFSUDXxz2mSSGk2rxxOS-FAaemNVMPcZOb1YZisxb3C6wfPp-4AWuTHfGopifSGhajFhnUfRGL2rwffSj1kIeVt4KKY3jDlU41aNq4jHxac2_Ws0RdMfg9iaPPmvElMohVz3xhKz0e-vtYVjVVxm-uIAY4qRd4xmOzjFG1gDn7VBRv5PfTMwDWTp71wbdw8GefVMNMt5i5Nx04D-EAQKdB6qLPF3XIWjyR19-AeiXoXrliqOtgb9Aat10heAixXNlnEwcAcyEm2UbuejHa63LIUNLuHrmyyIrCLXqINTbkKnFx5QZYtA_bmymFoEuDuwxc5UABUrDcAbfD-07fXiM7uZj00YErfvP3C98Y5gH5SSeOExXsVxOGwMkaENYScFFCDRmjqNzmHPG7XrenMP3jcMbz7rEE4WeiPj3egSjwJ5Qv33_-Dkquiha8XLmuVkKPz1RGpvXR5R7r89zuNxtvn8UoxO5Z8O28i8HIAIzGag1XruBTEXlnV-P37mtUyw-uqYRAqWsFDY_AKCAXmpXj9dL3UpuE9uTmlRHElcOTRW44lAhImfAVGL9iUVZiTfd5RnrwAZVxi9JeQrU8FAFjXpGWbbcfc89y-HPaZXupL7bqAAEhIO_S79aXhpBhVBy9fppoSy1fKm7eO3Wrp3dn5dZJaryll7E5g62XFtxgULjY-QwIHB0YH_4mhsmcJ44mU-abDXas6PvXLD16lFey8rN5NdwhEjdM8ACgTDpdQUVmJajQbyIvxAQnu_M9h_bSxgxHY6MxF3x_E4nBwkSioHNaNioyI7YmMlH1eXZJcF97B-oIu-3pG0NUpKfbNBEEE75Po1XhALpaZMzoB1g9-cPEVQXSY4YH3EGQNV-yFY_Zvt8MNaZKLzPy3Ta3NKLltuuByTzC0ujCeFBJoe0rpVWtyVni8XkkOZGqhsw9_4dOPqR4tFMzbYHcCXmauy2HJPf6QDbFDIo3EHhda7i4wv36DT6SrzK6UdHTlvsaKIWr5d9LzUgZb9fbmYO9v4EN68L_g5OvEuSSFWAkiULS1g9EDoc-76ZwdLndbxgEPhpu50&cid=CAASBORo2JY&pr=63:0.2364753850025692
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f155.1e100.net
Software
cafe /
Resource Hash
a357241d63b459f58c556fe32697a5f0177da218e7000876aafd670c62268f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4605
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631278444519.747&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcactussupply519&t=185&v=96&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.5178321334248963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:04 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631278444519.747&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcactussupply519&t=193&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.40496758124574095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:04 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
usync.html
ad.lkqd.net/cookie-sync/ Frame 2827 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278444.cds142.fr8.hn,1631278444.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=80755725&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:04 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame B9F3 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=80755725&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
1b33cdb7b2a268b367f49f834a2b5bc6d51313a4c9f7cf9e1df8882896b8ab8c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3217
cs
cs.lkqd.net/ Frame 2827 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2827 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2827 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2827 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2827
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631278444519.747&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcactussupply519&t=277&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.46124997805100465
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:04 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
file.mp4
r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662814444/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662814444/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662814444/sparams/acao,ctier,expire,id,ip,ipbits,ita...
2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662814444/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A3111254F694F242F79D52E9145F1355092B4F2.65AF1A2EC5C8C73A1859209CF75964D3FC367FE8/key/cms1/cms_redirect/yes/mh/Tu/mip/2a0f:9441:5:0:e7::1/mm/42/mn/sn-4g5lznes/ms/onc/mt/1631277984/mv/u/mvi/3/pl/48/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:10::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2c95edb514059559d1aafd3345ece82176c76390deb4225914c4eafface4c3f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Aug 2020 18:00:03 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2260355/2260356
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2260356
Expires
Fri, 10 Sep 2021 12:54:04 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:04 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662814444/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A3111254F694F242F79D52E9145F1355092B4F2.65AF1A2EC5C8C73A1859209CF75964D3FC367FE8/key/cms1/cms_redirect/yes/mh/Tu/mip/2a0f:9441:5:0:e7::1/mm/42/mn/sn-4g5lznes/ms/onc/mt/1631277984/mv/u/mvi/3/pl/48/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
649
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 992A 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1631278441331
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1631278441331
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 580F 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1631278444214
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1631278444214
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
apacdex
sync.quantumdex.io/usersync/ Frame 2183 		3 KB
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea958fc561b6df4a36ba723c33b7ed895f0e6940d927bc5c1e127ee900a04a1

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/apacdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
uid=b5238009-f0ef-4e4a-9707-79f4d9c9a4af
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
content-type
text/html
set-cookie
uid=b5238009-f0ef-4e4a-9707-79f4d9c9a4af; expires=Thu, 30 Sep 2021 12:54:04 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c8cd878ff1176e-FRA
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8CD3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=79558216986088634; anj=dTM7k!M4.FEVNsVF']wIg2E?bqI22o!]tbPl@/j]O5#y!=0vT718@c'g_LlK.y9:@/m7dSkB<_]>hL^=lf)p[fS<Ke6*e(^[ojS<(j#iP(Md+>)fy-DMQbOt; icu=ChgI_t1aEAoYASABKAEw7KrtiQY4AUABSAEKGAjV03UQChgBIAEoATDpqu2JBjgBQAFIARDsqu2JBhgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 03 Sep 2021 04:45:39 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 10 Sep 2021 12:54:04 GMT
Age
29291
X-Served-By
cache-lga21923-LGA, cache-fra19127-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 259059
X-Timer
S1631278445.744266,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4850 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 10 Sep 2021 12:54:04 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame E916 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=79558216986088634; anj=dTM7k!M4.FEVNsVF']wIg2E?bqI22o!]tbPl@/j]O5#y!=0vT718@c'g_LlK.y9:@/m7dSkB<_]>hL^=lf)p[fS<Ke6*e(^[ojS<(j#iP(Md+>)fy-DMQbOt; icu=ChgI_t1aEAoYASABKAEw7KrtiQY4AUABSAEKGAjV03UQChgBIAEoATDpqu2JBjgBQAFIARDsqu2JBhgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 03 Sep 2021 04:45:39 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 10 Sep 2021 12:54:04 GMT
Age
29292
X-Served-By
cache-lga21923-LGA, cache-fra19146-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 266467
X-Timer
S1631278445.744329,VS0,VE0
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 9B0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
referrer-policy
same-origin
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
68c8cd879afc4e97-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=pubmatic&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=pubmatic&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=pubmatic&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=8585b578-8fb9-43cd-ba83-4d1240d10b4f
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=8585b578-8fb9-43cd-ba83-4d1240d10b4f&verify=true
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=8585b578-8fb9-43cd-ba83-4d1240d10b4f&apid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98&gdpr=0&gdpr_consent=
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://prebid.a-mo.net/setuid/verizon_video?uid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=appnexus&uid=79558216986088634
0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=appnexus&uid=79558216986088634
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
07c09c9c-0fc1-4c3f-aa36-d9accf4ea09f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=appnexus&uid=79558216986088634
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=sovrn&uid=20ded1ad0a4ebf521902437d
0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=sovrn&uid=20ded1ad0a4ebf521902437d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=sovrn&uid=20ded1ad0a4ebf521902437d
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D8585b578-8fb9-43cd-ba83-4d1240d10b4f%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1
  • https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=index_rtb&uid=YTtVbOjN.jM4EEKfh0Zp3QAA%261173
0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=index_rtb&uid=YTtVbOjN.jM4EEKfh0Zp3QAA%261173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=8585b578-8fb9-43cd-ba83-4d1240d10b4f&D=&bidder=index_rtb&uid=YTtVbOjN.jM4EEKfh0Zp3QAA%261173
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Fri, 10 Sep 2021 12:54:04 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631278444519.747&type=LOADED&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcactussupply519&t=406&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.3332020379425624
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:04 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52f714c3f78011bc97493a37219e75e9edf220b7e9de5e7c3f40d6644c7a3232

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		674 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a59e8d8491b501831dd2cb45a4ef16eb2aa3c8c52a80d185d39e257917472bd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631278444519.747&type=STARTED&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=VAST&u=https%3A%2F%2Fask.fm%2Fcactussupply519&t=410&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.4709840312752238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:04 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631278444519.747&type=IMPRESSION&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcactussupply519&t=410&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.06448486324518976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:04 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
/
adx.adform.net/adx/ssp/imp/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.adform.net/adx/ssp/imp/?data=7TnbnHB7PJ0BFgKzI9_MZrjRvvgPQNTSgds5ewra8_q1k8yWv930JJWWQIVCwURCCLpofqeeD2ZXJE3PR5kQ28oRzkJ5Wl6Nx690QEReIwH827lDENmztfzx3lbLJO_UGC3O272hNxjEzp8ZINpHCorYwEHBxMZCCf_6GD3sCReDr6itlVhbtA2&adxvars=JdTz6gDGQD4E2Efb994J9DCEqHrBWcQGf_7Zv19A_TpWft3OUgzq9HHuB2Ai5n1E6WJncinS6OAfob7gS13HWBevHIzuhoqQokPuNEAiD8PDp5L_oCu607cHeDDnRrJ67aTvvMJ20RrzXO-2AAv9vUXT-fK69Er7n6wwdMRoyduCi_PanoO4oam4z6nvQ6UjKWxs1mpGzZ6HIY-QSVMd3Q2&ord=826950
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:04 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
pixel
cm.adform.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adform&ssp_user_id=d9baeb63-b8bf-4e5e-80a1-f874d429193b
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=180896394&expires=5&ssp=adform
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=d9baeb63-b8bf-4e5e-80a1-f874d429193b&adform_v=1
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=d9baeb63-b8bf-4e5e-80a1-f874d429193b&adform_v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
last-modified
Wed, 10 Apr 2019 10:06:26 GMT
server
nginx
accept-ranges
bytes
etag
"5cadc022-2b"
content-length
43
content-type
image/gif

Redirect headers

location
//cm.adform.net/pixel?adform_pid=3&adform_pc=d9baeb63-b8bf-4e5e-80a1-f874d429193b&adform_v=1
date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.adform.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=79558216986088634
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=79558216986088634
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
last-modified
Wed, 10 Apr 2019 10:06:26 GMT
server
nginx
accept-ranges
bytes
etag
"5cadc022-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
483dda0b-ca0a-4765-a7ba-da847ea0188d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=79558216986088634
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=5fd069ab-2ce8-43cf-ba14-78fb7c6cedfe
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=5fd069ab-2ce8-43cf-ba14-78fb7c6cedfe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
last-modified
Wed, 10 Apr 2019 10:06:26 GMT
server
nginx
accept-ranges
bytes
etag
"5cadc022-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=5fd069ab-2ce8-43cf-ba14-78fb7c6cedfe
Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
view
googleads4.g.doubleclick.net/pcs/ 		0
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWckyFh3B88rxRNKQmG7rwbRQcqlaqdZ0DxDMdSW1VtAme3FIbV-f_EwoUh17269egC4fXzN0OzGiEndiV6gEOT_EZRHkxOCoyT8FUaq9xX54hPBWT2NcJpvK1p325q98l7sbCccRN3jKQLD-ne03mMr1ttdf2uvybdDarj16q041MfyiZbfGKR_cRLoDgPHNfSr99Qm8I8MIUiYY8meDarpKL-HpmTvRXZ7NOr8Z6CEQrMu-xSxnEAp7C1-ySk7QZQnKjO0TyRKkFNZn0P_h1huTKh7gItriXnFH34ABDNRPhymEAbZ0cfFu8pQEr6T4LsOR3RtNZxq8TtJZkswQyw-CECPKjCkeSvu__HwnpeHuEtOWlLByjUM1AHpWtjQ2Lq_WFvKb7UwmcpGyXMZ196jtu0s_hZRjqdh4sHxr_de0tL-x-76VM6Vek7iu-4dF27ZlPSlxMLSoslM8llhQrWki7-jOdySbpJOx6yrYcv_nQ_mn1LMpzmMo-t8Kgdzus_Vk49rl9Pltih22aD_I0N1z_NhKcNiZn9oGozzdvf2l68071NYL2pQW9GrVOIZLULow2R_ifNCGjW-joDJAagZeMRdk-hfmaeH6aO_35M30muvY28lG1369Qf8Yn30RC-ykR9ymZdmEqfzJGkaEYOEdRxmtP1_hdSEnLwYeagcWGXOi_yEYbnzwJCOsLR5WRBIoHR4Xx4eEBuZswPoIrYBMATZrTwfN_xEtZ_iQIAC7NsPk5w_Klz9NCU4drMKn6Xq9gWZy-v2AdQIWniOnohK20sIYxWbtPT9gcYlLqMJZ0F8HPKugJEiLjcj7aTjn1qxYCG2nZCLMZMNP1ba1_oJrDvR3GQ5Hxw-KxCooCEksG5c522GijSg2ejLdjOu_SeW48UojRkKNp73jJmnatGlORR3__Ly0-8JqUDZ3GgtJ0RIWeopXc-eaLNCJ-VlG8bUTMk_BJUDeJ7NZA4aRV9wVsKPx_Z6R0CsH3NtQrIqc-I7wNggt4xNbIBPU6DpoatvZq2Hrr1E7AfOIU9os&sai=AMfl-YR6AQ-B1QkhbfWkuW-ciIkEUWTCjx335sJKZEUJz5AA8odQ9QIwvS1yNoi8izjkR3y1Vy9Ne2v8g9vlbojoIYQTPR4F32QD8r1PdrNjuPzfdkxnZkMVAjTL5Z4PuLxRB3d1&sig=Cg0ArKJSzAgB6_ZOvQITEAE&pr=63:0.2364753850025692&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 10 Sep 2021 12:54:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
cm.adsafety.net/
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhj1l86BASABMAE&v=APEucNULsNOMp16uphWUVVhu7lRg-Wvu-DvBgpOEc3X4HiLmsGOkwK9tnpXO3jZi7Sj_DQnR8_-cXnhBCLhylf6mMPOJeHnZH5CINDxBou9akXh_cVVzzx0
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESECaE8iQXIwxrZfyccA7gCCw&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESECaE8iQXIwxrZfyccA7gCCw&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=3bfbe5e470cd903478c794471556b2b9&uid=3bfbe5e470cd903478c794471556b...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1
  • https://cm.adsafety.net/?_cmsrc=ttdx&idt=100&did=41ea13fe-0ad5-4532-a924-7a4ded1cc58a
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12021091012f0f451a7d65b61b7b14&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Ddefault%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=3bfbe5e470cd903478c794471556b2b9
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=3bfbe5e470cd903478c794471556b2b9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.82.217.103 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Last-Modified
Fri, 10 Sep 2021 12:54:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Last-Modified
Fri, 10 Sep 2021 12:54:05 GMT
Server
nginx
Location
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=3bfbe5e470cd903478c794471556b2b9
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
t
t.lkqd.net/ Frame 2C78 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
truncated
/ Frame B9F3 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_44854a27.js
vpaid.springserve.com/production/ Frame 6BD9 		487 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_44854a27.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:01:09 GMT
content-encoding
br
last-modified
Wed, 25 Aug 2021 15:00:31 GMT
server
AmazonS3
age
1374776
etag
W/"d48d9d8b9aa42be3c59a03030903498a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-ArSGEWbmmQM5Max2rxjyOntc6fsdjtcjXmu25UwnWDwNZuYw5IvRg==
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F905 		0
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YTtVbOjN.jM4EEKfh0Zp3QAA; CMPS=5226; CMPRO=1173; CMST=YTtVbGE7VWwA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Accept-Ranges
bytes
Content-Length
0
Content-Type
text/html
ETag
"0"
Last-Modified
Fri, 18 Sep 2020 03:08:00 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 10 Sep 2021 12:54:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
Connection
keep-alive
Set-Cookie
CMID=YTtVbOjN.jM4EEKfh0Zp3QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 10 Sep 2022 12:54:04 GMT CMPS=5226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Dec 2021 12:54:04 GMT CMPRO=1173;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Dec 2021 12:54:04 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631278444519.747&type=VIEWED_0&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&typeA=PRE&contentTypeA=VIDEO&u=https%3A%2F%2Fask.fm%2Fcactussupply519&t=530&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.7969924604498075
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:04 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
dc_oe=ChMIibbh4bn08gIVaUH2CB1KBQ5WEAAYACCA9OpAQhMIx-jL4bn08gIVA48nAh2RvwU4;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIibbh4bn08gIVaUH2CB1KBQ5WEAAYACCA9OpAQhMIx-jL4bn08gIVA48nAh2RvwU4;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8CD3 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
79cc38ba-1018-4c40-b2ad-aef857a5294e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E916 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c15b44d1-2d17-4478-9c51-13ffcde7f1f8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 6BD9 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.100.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-100-70.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 6BD9 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f40b905db28a7e80d8dfff3d9814bba89fe2760ecc06035942ec58591c0de8d2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9df469c1-e199-46e2-8f8b-1dfb31e22595
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2183
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=79558216986088634
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=79558216986088634
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd88f9ff176e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
87925c9f-ed9c-4997-a0b8-a22f95d38844
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=79558216986088634
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2183
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd892a4a176e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:04 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
setuid
sync.quantumdex.io/ Frame 2183
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd893a5f176e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP2dcb61af-1236-11ec-a253-02bfdf4ddc98
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 2183
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.47 Sheridan, United States, ASN16276 (OVH, FR),
Reverse DNS
p02.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:02 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Fri, 10 Sep 2021 12:54:02 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
us
sync.go.sonobi.com/ Frame 2183 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2183
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=46c81401-87b4-446f-8acb-a6d19d6802e2
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=46c81401-87b4-446f-8acb-a6d19d6802e2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd892a48176e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=46c81401-87b4-446f-8acb-a6d19d6802e2
date
Fri, 10 Sep 2021 12:54:04 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 2183
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6d0a5a0d-e7fa-4c28-809c-918f2e0fa7b2
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6d0a5a0d-e7fa-4c28-809c-918f2e0fa7b2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd898ae1176e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6d0a5a0d-e7fa-4c28-809c-918f2e0fa7b2
date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd88e9f0176e-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame 2183
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=79558216986088634
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=79558216986088634
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd892a42176e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c38c92c2-2965-4dcb-bdfa-3077f96a5a9f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=79558216986088634
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2183
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=20ded1ad0a4ebf521902437d
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=20ded1ad0a4ebf521902437d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd891a32176e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=20ded1ad0a4ebf521902437d
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 2183
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HgBxBZlE2uGL_Wpw3koGMArz5aYB66MxTxgTonI-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HgBxBZlE2uGL_Wpw3koGMArz5aYB66MxTxgTonI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd892a44176e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HgBxBZlE2uGL_Wpw3koGMArz5aYB66MxTxgTonI-~A
Connection
keep-alive
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 39A7 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
091e7752097d92c1b923c87ab56a547d190f2bdf0b53ab666622ea1bd45a3d25

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YTtVbOjN.jM4EEKfh0Zp3QAA; CMPS=5226; CMPRO=1173; CMST=YTtVbGE7VWwA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|45|241|176|64|13|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1689
Expires
Fri, 10 Sep 2021 12:54:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:04 GMT
Connection
keep-alive
Set-Cookie
CMID=YTtVbOjN.jM4EEKfh0Zp3QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 10 Sep 2022 12:54:04 GMT CMPS=5226;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Dec 2021 12:54:04 GMT CMPRO=1173;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Dec 2021 12:54:04 GMT CMRUM3=0d613b556c05a0&bf613b556c05a0&f1613b556c05a0&b0613b556c05a00&e6613b556c2760&40613b556c05a0&2d613b556c05a0&27613b556c0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 10 Sep 2022 12:54:04 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E27F 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1631836800%3A223_2_15%7C1632528000%3A35%7C1633824000%3A203%7C1632096000%3A63%7C1632441600%3A54_81_189_7_165_230_88_161_22_231_220_3_166_176_21_8_204_222_55_13_56_71_234_99; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_80=22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg; KRTBCOOKIE_22=14911-7665991417695659745; KRTBCOOKIE_153=19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2; KRTBCOOKIE_27=16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf; KRTBCOOKIE_336=5844-5682155580754221045; SPugT=1631278442; KRTBCOOKIE_466=16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b; KRTBCOOKIE_1074=22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d; KRTBCOOKIE_377=6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a; KRTBCOOKIE_218=22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6; PugT=1631278440; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=33794
expires
Fri, 10 Sep 2021 22:17:18 GMT
date
Fri, 10 Sep 2021 12:54:04 GMT
vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame 6F7B 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 10 Sep 2021 12:54:04 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YTtVb; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame C7FB 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
t
t.lkqd.net/ Frame 2C78 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:05 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
PugMaster
image6.pubmatic.com/AdServer/ Frame E27F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15804954&p=156498&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0bd268b65711e333aa0bfbe06ce8011ce4377fcdee457a2ebb2451a238f17c21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1594
content-type
text/html; charset=UTF-8
cors
data.ad-score.com/data/ Frame 6C43 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=c4db0bb0f08bd7294afabbba&pm_pl=1631278442625&pm_td=2388&pid=1000791&en=1.1&callback=__pm_glbl_eV2OWD47z32DMOckkBATKNMu._gc7&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 12:54:05 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame 39A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTtVbOjN-jM4EEKfh0Zp3QAABJUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfk1fqXGTFQHnIXJ7XiLCc&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfk1fqXGTFQHnIXJ7XiLCc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 10 Sep 2021 12:54:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfk1fqXGTFQHnIXJ7XiLCc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 39A7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 39A7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YTtVbOjN.jM4EEKfh0Zp3QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN-Gs9HvgVhtihG7Ppq170c&google_cver=1&gdpr=1&google_hm=2
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN-Gs9HvgVhtihG7Ppq170c&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Sep 2021 12:54:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN-Gs9HvgVhtihG7Ppq170c&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 39A7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTtVbOjN-jM4EEKfh0Zp3QAABJUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTtVbOjN-jM4EEKfh0Zp3QAABJUAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTtVbOjN-jM4EEKfh0Zp3QAABJUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7M3M9GFDBDWFD7JBSMD9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TZ2XDS25K58Y3F9ZG91X
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTtVbOjN-jM4EEKfh0Zp3QAABJUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 39A7 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
content-length
0
server
b
rum
dsum-sec.casalemedia.com/ Frame 39A7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1633870445
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1633870445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Sep 2021 12:54:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:04 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1633870445
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 39A7
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06b12204021570d529829543&expiration=[EXPIRATION]&gdpr=1
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06b12204021570d529829543&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Sep 2021 12:54:05 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06b12204021570d529829543&expiration=[EXPIRATION]&gdpr=1
Date
Fri, 10 Sep 2021 12:54:05 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
index
dmp.brand-display.com/cm/api/ Frame 39A7 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:09 GMT
via
1.1 google
last-modified
Fri, 10 Sep 2021 12:54:09 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 10 Sep 2021 12:54:10 GMT
setuid
sync.quantumdex.io/ Frame 39A7 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YTtVbOjN-jM4EEKfh0Zp3QAABJUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c8cd896ab3176e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 4EDA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:W6couTJp1MoG2D5&gdpr=0&gdpr_consent=
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:W6couTJp1MoG2D5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:W6couTJp1MoG2D5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_80=22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg; KRTBCOOKIE_22=14911-7665991417695659745; KRTBCOOKIE_153=19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2; KRTBCOOKIE_27=16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf; KRTBCOOKIE_336=5844-5682155580754221045; SPugT=1631278442; KRTBCOOKIE_466=16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b; KRTBCOOKIE_1074=22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d; KRTBCOOKIE_377=6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a; KRTBCOOKIE_218=22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6; PugT=1631278440; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1633824000%3A232%7C1632441600%3A219_221_226_227_201_197%7C1631318400%3A174; SyncRTB3=1632441600%3A189_204_222_99_5_233_231_104_230_166_57_165_3_56_220_13_88_71_54_22_55_234_81_7_176_21_8_161%7C1631836800%3A15_2_223%7C1632096000%3A63%7C1632528000%3A35%7C1636416000%3A69%7C1633824000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:02 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:W6couTJp1MoG2D5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:02 GMT; path=/ PugT=1631278442; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 12:54:02 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:02 GMT; path=/
x-lat
amspug010:0:427
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 10 Sep 2021 12:54:04 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:W6couTJp1MoG2D5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-675-ga433434#rel-ec2-master i-0ba344ce46fae568e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=W6couTJp1MoG2D5; Domain=.w55c.net; Expires=Mon, 10-Oct-2022 12:54:05 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 10-Oct-2021 12:54:05 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync
match.bnmla.com/ Frame CF85 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:05 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame EAE1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:86E2B97FD4BE4D80BA4F5649A31717F8
1 B
164 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:86E2B97FD4BE4D80BA4F5649A31717F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:86E2B97FD4BE4D80BA4F5649A31717F8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_80=22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg; KRTBCOOKIE_22=14911-7665991417695659745; KRTBCOOKIE_153=19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2; KRTBCOOKIE_27=16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf; KRTBCOOKIE_336=5844-5682155580754221045; SPugT=1631278442; KRTBCOOKIE_466=16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b; KRTBCOOKIE_1074=22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d; KRTBCOOKIE_377=6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a; KRTBCOOKIE_218=22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6; PugT=1631278440; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1633824000%3A232%7C1632441600%3A219_221_226_227_201_197%7C1631318400%3A174; SyncRTB3=1632441600%3A189_204_222_99_5_233_231_104_230_166_57_165_3_56_220_13_88_71_54_22_55_234_81_7_176_21_8_161%7C1631836800%3A15_2_223%7C1632096000%3A63%7C1632528000%3A35%7C1636416000%3A69%7C1633824000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:03 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:03 GMT; path=/
x-lat
amspug012:0:380
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 10 Sep 2021 12:54:05 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:86E2B97FD4BE4D80BA4F5649A31717F8
expires
Thu, 09 Sep 2021 12:54:05 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 9BF9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0O7K_XN1RgZyFzgtinfBulvHdks
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0O7K_XN1RgZyFzgtinfBulvHdks
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0O7K_XN1RgZyFzgtinfBulvHdks
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_80=22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg; KRTBCOOKIE_22=14911-7665991417695659745; KRTBCOOKIE_153=19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2; KRTBCOOKIE_27=16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf; KRTBCOOKIE_336=5844-5682155580754221045; SPugT=1631278442; KRTBCOOKIE_466=16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b; KRTBCOOKIE_1074=22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d; KRTBCOOKIE_377=6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a; KRTBCOOKIE_218=22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1633824000%3A232%7C1632441600%3A219_221_226_227_201_197%7C1631318400%3A174; SyncRTB3=1632441600%3A189_204_222_99_5_233_231_104_230_166_57_165_3_56_220_13_88_71_54_22_55_234_81_7_176_21_8_161%7C1631836800%3A15_2_223%7C1632096000%3A63%7C1632528000%3A35%7C1636416000%3A69%7C1633824000%3A203; KRTBCOOKIE_107=1471-uid:W6couTJp1MoG2D5; PugT=1631278442
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:04 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-0O7K_XN1RgZyFzgtinfBulvHdks; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:04 GMT; path=/ PugT=1631278444; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 12:54:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 12:54:04 GMT; path=/
x-lat
amspug009:0:387
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 12:54:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0O7K_XN1RgZyFzgtinfBulvHdks
Set-Cookie
sa-user-id=s%3A0-d0eecafd-7375-4606-7217-382d8a77c1ba.ODrt5MvxNL7olPQjX6C0rgKLM1L6Bwd55%2FZWLVAGOYg; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-d0eecafd-7375-4606-7217-382d8a77c1ba%24ip%2491.199.118.75.Ch2MhiMlOXFDjIFYTKDgMMIA02Pfb2DZ%2F0VdhkVa1YE; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
setuid
sync.quantumdex.io/ Frame 5703 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/setuid?bidder=pubmatic&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
uid=b5238009-f0ef-4e4a-9707-79f4d9c9a4af
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
content-type
image/gif
content-length
43
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c8cd898ad5176e-FRA
Artemis
aud.pubmatic.com/AdServer/ Frame E27F
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 10 Sep 2021 12:54:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info
uipglob.semasio.net/pubmatic/1/ Frame E27F 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CC146F8A-A2DF-4195-B4B5-D84003A697D4&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
uip-response-status
FallbackResponse
date
Fri, 10 Sep 2021 12:54:03 GMT
frontend-id
10
content-length
42
routing-server-id
-1
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame E27F 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
68c8cd89ae46535d-FRA
access-control-allow-headers
*
content-length
95
/
loadm.exelator.com/load/ Frame E27F 		0
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=CC146F8A-A2DF-4195-B4B5-D84003A697D4&gdpr=0&gdpr_consent=&j=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Pug
simage2.pubmatic.com/AdServer/ Frame E27F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2e2bd096-1236-11ec-a321-f1a78009e55e&gdpr=0&gdpr_consent=
1 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2e2bd096-1236-11ec-a321-f1a78009e55e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:431
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2e2bd096-1236-11ec-a321-f1a78009e55e&gdpr=0&gdpr_consent=
Date
Fri, 10 Sep 2021 12:54:05 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
2e2bd097-1236-11ec-a321-f1a78009e55e
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=668703111&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&rn=374821047&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631278445%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010125405%3Au%3A1631278440708263106%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631278445
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:05 GMT
last-modified
Fri, 10-Sep-2021 12:54:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:05 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 6BD9 		965 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278444731,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6cf6ab2c1c2e716672d1b3cca8888126ac52b19614d274e176f70dd0435ba20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:05 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
593
expires
Fri, 10 Sep 2021 12:54:05 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 889A 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278444731,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
storage.html
moe.video/ Frame B885 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.52 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f29.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:05 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:44:05 GMT
ETag
W/"612cc485-4783"
X-My-Name
s46
X-My-Reqtime
0.095
X-B-Name
f29
Content-Encoding
gzip
truncated
/ Frame DB5C 		313 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
showad.js
ads.pubmatic.com/AdServer/js/ Frame CE22 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278444731,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_80=22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg; KRTBCOOKIE_22=14911-7665991417695659745; KRTBCOOKIE_153=19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2; KRTBCOOKIE_27=16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf; KRTBCOOKIE_336=5844-5682155580754221045; SPugT=1631278442; KRTBCOOKIE_466=16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b; KRTBCOOKIE_1074=22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d; KRTBCOOKIE_377=6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a; KRTBCOOKIE_218=22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6; pp=156498; PMDTSHR=cat:; KCCH=YES; chkChromeAb67Sec=2; DPSync3=1633824000%3A232%7C1632441600%3A219_221_226_227_201_197%7C1631318400%3A174; SyncRTB3=1632441600%3A189_204_222_99_5_233_231_104_230_166_57_165_3_56_220_13_88_71_54_22_55_234_81_7_176_21_8_161%7C1631836800%3A15_2_223%7C1632096000%3A63%7C1632528000%3A35%7C1636416000%3A69%7C1633824000%3A203; KRTBCOOKIE_107=1471-uid:W6couTJp1MoG2D5; PugT=1631278442
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=21375
expires
Fri, 10 Sep 2021 18:50:20 GMT
date
Fri, 10 Sep 2021 12:54:05 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 889A 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278444731,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=21375
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 10 Sep 2021 18:50:20 GMT
auction_multi
am-0.moevideo.biz/ssp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Server
83.229.25.205 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:05 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
auction_multi
am-0.moevideo.biz/ssp/ Frame DB5C 		2 B
476 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.205 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
X-Balancer-Name
fvm13
Last-Modified
Fri, 10 Sep 2021 12:54:05 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
fvm13
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
analytics.js
www.google-analytics.com/ Frame DB5C 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
428
date
Fri, 10 Sep 2021 12:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 14:46:57 GMT
ads-async.js
ad.mail.ru/static/ Frame DB5C 		193 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
d0d2b70ff09df898f2652af487149d55391a4088ad738ad9f69286ef5e734811

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:05 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
193
Expires
Fri, 10 Sep 2021 13:04:05 GMT
AdRiverFPS_MV.js
content.adriver.ru/banners/0007207/0007207973/0/ Frame DB5C 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=2aeac8bf8f14ce5af194
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.96.36 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
last-modified
Fri, 09 Apr 2021 14:49:31 GMT
server
nginx
etag
"6070697b-26a8"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
9896
expires
Fri, 10 Sep 2021 13:54:05 GMT
storage.html
moe.video/ Frame 6DC1 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.52 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f29.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:05 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:42:53 GMT
ETag
W/"612cc43d-4783"
X-My-Name
s26
X-My-Reqtime
0.096
X-B-Name
f29
Content-Encoding
gzip
storage.html
moe.video/ Frame 2DB6 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.52 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f29.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:05 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:44:02 GMT
ETag
W/"612cc482-4783"
X-My-Name
s39
X-My-Reqtime
0.082
X-B-Name
f29
Content-Encoding
gzip
389706
ad.mail.ru/vast/ Frame DB5C 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=3076733&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:05 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
389706
ad.mail.ru/vast/ Frame DB5C 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=1084796&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:05 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
vast
stats.seedr.com/ Frame DB5C 		766 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.seedr.com/vast?gid=5a422ce95f366efa348b462b&sc=2453591051&pr=5787585
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.194.45 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host45.seedr.ru
Software
nginx /
Resource Hash
46f44bc65b39c9abfdeac3908a0aeaf4118ac1b43256b7b29dbb996b7b449651

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:05 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
174627
ad.mail.ru/vast/ Frame DB5C 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/174627?rand=2893457&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:05 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 889A 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278444731,,&us_privacy=&cb=1631278445255&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fcactussupply519&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fcactussupply519&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-10%2012:54:5&ranreq=0.8119325749229007&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278444731,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:05 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
6E98B6.js
r.mradx.net/img/58/ Frame DB5C 		185 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.mradx.net/img/58/6E98B6.js
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:db00::28 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7568bf67bec31079e13d3eea3a735e7cf5179c15d6deb65822ce6c9bd23df350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Jun 2021 07:24:19 GMT
Server
nginx
ETag
W/"60dacaa3-2e478"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 31 Dec 2037 23:55:55 GMT
i
vid-io-cle.springserve.com/vd/ Frame 6BD9 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=58faee00&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.29.116 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-29-116.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:05 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 6BD9 		0
0
json.cgi
ad.adriver.ru/cgi-bin/ Frame DB5C 		385 B
1023 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=0;303=unavail;304=0;305=2aeac8bf8f14ce5af194;306=;307=;308=0;309=0
Requested by
Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=2aeac8bf8f14ce5af194
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
74688e92426ddb650bba0472605a3a138e7c4f21dcc33852ec8757523781aca7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Expires
Thu, 01 Jan 1970 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8CD3 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
374cee3d-bf25-4e4c-b287-b35d88521e70
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E916 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ae95ba56-11ef-4d49-b059-10fe14119e19
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
storage.html
moe.video/ Frame 76A1 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.52 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f29.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:42:49 GMT
ETag
W/"612cc439-4783"
X-My-Name
s11
X-My-Reqtime
0.087
X-B-Name
f29
Content-Encoding
gzip
sync
moevideo-sync.rutarget.ru/ Frame DB5C 		0
0
match
dm.hybrid.ai/ Frame DB5C 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=117
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:06 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
105
x-xss-protection
1; mode=block
expires
-1
moevideo
px.adhigh.net/p/cm/ Frame DB5C
Redirect Chain
  • https://px.adhigh.net/p/cm/moevideo?u=2aeac8bf8f14ce5af194
  • https://px.adhigh.net/p/cm/moevideo?u=2aeac8bf8f14ce5af194&bounced=1
49 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/moevideo?u=2aeac8bf8f14ce5af194&bounced=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.144 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp5.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:05 GMT
server
nginx
x-backend-id
f5-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:05 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f5-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/moevideo?u=2aeac8bf8f14ce5af194&bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.bumlam.com/ Frame DB5C
Redirect Chain
  • https://sync.bumlam.com/?src=moe2&uid=2aeac8bf8f14ce5af194
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjuqu2JBlIFst3qqQtiFDJhZWFjOGJmOGYxNGNlNWFmMTk0
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjuqu2JBlIFst3qqQtiFDJhZWFjOGJmOGYxNGNlNWFmMTk0ogEQLrNGkhI2Eeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQABjuqu2JBmIUMmFlYWM4YmY4ZjE0Y2U1YWYxOTSiARAus0aSEjYR7KbpACWQyCQ3
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQARjuqu2JBmIUMmFlYWM4YmY4ZjE0Y2U1YWYxOTSiARAus0aSEjYR7KbpACWQyCQ3
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=moe2&s_data=CAIQARjuqu2JBmIUMmFlYWM4YmY4ZjE0Y2U1YWYxOTSiARAus0aSEjYR7KbpACWQyCQ3
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:06 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Fri, 10 Sep 2021 12:54:06 GMT
Server
nginx
ETag
2eb34692-1236-11ec-a6e9-002590c82437
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=moe2&s_data=CAIQARjuqu2JBmIUMmFlYWM4YmY4ZjE0Y2U1YWYxOTSiARAus0aSEjYR7KbpACWQyCQ3
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
cs
cs-0.moevideo.biz/ssp/ Frame DB5C
Redirect Chain
  • https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=2aeac8bf8f14ce5af194&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D
  • https://e6c96af6-8b79-40d9-85b5-1615924ea2c0.mitdmp.whiteboxdigital.ru/redirect?miid=e6c96af6-8b79-40d9-85b5-1615924ea2c0&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3De6c96af6-8b7...
  • https://cs-0.moevideo.biz/ssp/cs?d=51&b=e6c96af6-8b79-40d9-85b5-1615924ea2c0
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=51&b=e6c96af6-8b79-40d9-85b5-1615924ea2c0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.15 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 10 Sep 2021 12:54:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

Date
Fri, 10 Sep 2021 12:54:06 GMT
Server
nginx/1.21.0
Location
https://cs-0.moevideo.biz/ssp/cs?d=51&b=e6c96af6-8b79-40d9-85b5-1615924ea2c0
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length
0
rle.cgi
ad.adriver.ru/cgi-bin/ Frame DB5C 		42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:05 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
image/gif
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs-0.moevideo.biz/ssp/ Frame DB5C
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D
  • https://cs-0.moevideo.biz/ssp/cs?d=81&b=2bf19cf1-ed14-4464-721c-ad05ae1b550f
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=81&b=2bf19cf1-ed14-4464-721c-ad05ae1b550f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.15 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 10 Sep 2021 12:54:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

location
https://cs-0.moevideo.biz/ssp/cs?d=81&b=2bf19cf1-ed14-4464-721c-ad05ae1b550f
date
Fri, 10 Sep 2021 12:54:05 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
cs
cs-0.moevideo.biz/ssp/ Frame DB5C
Redirect Chain
  • https://sync.upravel.com/moevideo/sync
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
  • https://15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
  • https://cs-0.moevideo.biz/ssp/cs?d=91&b=15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=91&b=15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.15 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 10 Sep 2021 12:54:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

date
Fri, 10 Sep 2021 12:54:06 GMT
server
nginx
location
https://cs-0.moevideo.biz/ssp/cs?d=91&b=15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
content-type
image/png
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
CZ1Y_6f2TO-ePAIc6THfZw
an.yandex.ru/setud/mts_banner/ Frame DB5C
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=2aeac8bf8f14ce5af194
  • https://sm.rtb.mts.ru/match/second?ssp=moevideo&exu=2aeac8bf8f14ce5af194
  • https://tech.rtb.mts.ru/?dsp_uid=099d58ff-a7f6-4cef-9e3c-021ce931df67&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FCZ1Y_6f2TO-ePAIc6THfZw%3Fsign%3D44827410
  • https://an.yandex.ru/setud/mts_banner/CZ1Y_6f2TO-ePAIc6THfZw?sign=44827410
43 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/CZ1Y_6f2TO-ePAIc6THfZw?sign=44827410
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 12:54:06 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 10 Sep 2021 12:54:06 GMT

Redirect headers

Date
Fri, 10 Sep 2021 12:54:06 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/CZ1Y_6f2TO-ePAIc6THfZw?sign=44827410
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
moevideo
sync.dmp.otm-r.com/match/ Frame DB5C 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/moevideo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 12:54:06 GMT
server
nginx/1.17.6
myvideo-sync
rtb.com.ru/ Frame DB5C 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/myvideo-sync?uid=2aeac8bf8f14ce5af194
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.188 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:06 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
cs
cs-0.moevideo.biz/ssp/ Frame DB5C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D&crf=1
  • https://cs-0.moevideo.biz/ssp/cs?d=161&b=7664a743-0bda-51fd-a287-975ec3bcc230
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=161&b=7664a743-0bda-51fd-a287-975ec3bcc230
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.15 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 10 Sep 2021 12:54:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

location
https://cs-0.moevideo.biz/ssp/cs?d=161&b=7664a743-0bda-51fd-a287-975ec3bcc230
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
collect
dx.frontend.weborama.com/ Frame DB5C
Redirect Chain
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/embed/vpaid%3Ftoken%3DiwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%252BYcsHH4Y%252FOw%26ref%3Dviads-ask.fm%...
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DiwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%252BYcsHH4Y%252FOw%26ref%3Dviads...
  • https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=8N7vJ53ysfXw
0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=8N7vJ53ysfXw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
102.80.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:06 GMT
via
1.1 google
last-modified
Fri, 10 Sep 2021 12:54:06 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:06 GMT
via
1.1 google
last-modified
Fri, 10 Sep 2021 12:54:06 GMT
server
nginx/1.12.0
location
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=8N7vJ53ysfXw
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:05 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 2C78 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
nr-vpaid.min.js
cdn01.nativeroll.tv/js/ Frame 5D2B 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
61732724ef457a86cb694449dcd434f954d42a2b50d873a96745f1a7ebac7aca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
server
nginx
etag
W/"613781fc-33da"
vary
Accept-Encoding
x-cached-since
2021-09-10T11:22:25+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 07 Sep 2021 17:19:33 GMT
vkAuth.html
ad.mail.ru/dist/ Frame 1544 		523 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/58/6E98B6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Host
ad.mail.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:06 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
523
Connection
keep-alive
Expires
Fri, 10 Sep 2021 13:04:06 GMT
Cache-Control
max-age=600
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ Frame DB5C 		83 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1631278446167&q=199847&vk=0&_=82891367
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/58/6E98B6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
45e26bc5da21ffd6603e788a61f81e9af4bc6325ccb3fbbca6ba93bbce5d8668

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:06 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame 7CCD 		529 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1e51fd15944329fa0576ec339cc9071c33ce181e029f486625273f41cc4db361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
server
nginx
etag
W/"613781fc-84255"
vary
Accept-Encoding
x-cached-since
2021-09-10T11:19:45+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 07 Sep 2021 17:18:13 GMT
analytics.js
www.google-analytics.com/ Frame 7CCD 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
429
date
Fri, 10 Sep 2021 12:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 14:46:57 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame 3F68 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3005566d549831baab1aa7e940190d69a0ad0b67db5a1fde8059275394b1f151

Request headers

:method
GET
:authority
cdn01.nativeroll.tv
:scheme
https
:path
/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://moevideo.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:06 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 01 Sep 2021 06:34:44 GMT
vary
Accept-Encoding
etag
W/"612f1f04-1b73"
cache
HIT
x-cached-since
2021-09-07T10:10:24+00:00
x-id
fr5-up-gc33
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:06 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://moevideo.biz
x-id
fr5-up-gc14
hosts.json
cdn02.nativeroll.tv/player/ Frame 7CCD 		301 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c

Request headers

cache-control
no-cache
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:02:35 GMT
server
nginx
etag
W/"6037bc0b-12d"
x-cached-since
2021-09-08T10:38:48+00:00
content-type
application/json
access-control-allow-origin
https://moevideo.biz
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
806562477
www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/ Frame 7CCD
Redirect Chain
  • https://www.tns-counter.ru/V13a****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/806562477
  • https://www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/806562477
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/806562477
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=iwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%2BYcsHH4Y%2FOw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.9/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:06 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.9/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:06 GMT
server
ms-counter-3.2.9/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/806562477
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
openapi.js
vk.com/js/api/ Frame 1544 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software
kittenx /
Resource Hash
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
br
x-frontend
front512005
last-modified
Tue, 15 Jun 2021 09:11:55 GMT
server
kittenx
etag
"60c86edb-5802"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22530
expires
Tue, 14 Sep 2021 12:54:06 GMT
ad
v.lkqd.net/ Frame F5CC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=5294072&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
c896be5d2c0d966335fe713e1c71bde42735d11e973928fd8d1d227d79e37432

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1347
/
login.vk.com/ Frame 1544 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv135-129-240-87.vk.com
Software
kittenx / KPHP/7.4.108537
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
gzip
server
kittenx
x-powered-by
KPHP/7.4.108537
strict-transport-security
max-age=15768000
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=windows-1251
content-length
41
vpaid.js
ad.lkqd.net/vpaid/ Frame BAEE 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631278446.cds142.fr8.hn,1631278446.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
5a422ce95f366efa348b462b
statsb.nativeroll.tv/nr/aserver/group/ Frame 7CCD 		67 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5a422ce95f366efa348b462b?event=visit&gid=5a422ce95f366efa348b462b&v=1.18.18&url=https%3A%2F%2Fask.fm%2F&title=&ref=https%3A%2F%2Fask.fm%2F&block_enabled=0&width=432&height=243&offset_px=0&offset_pct=0&lenght_px=243&cookie_enabled=1&t=2021-09-10T12%3A54%3A06&mode=vpaid&data_saver=false&sc=2453591051&nr_f=MTYzMTI3ODQ0NjM1Ng%3D%3D&ancestor_origins=https%3A%2F%2Fmoevideo.biz%2Chttps%3A%2F%2Fask.fm&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=03808987-61ba-4e77-9051-522fe8ad7f4b
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:06 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
Content-Length
67
usync.html
ad.lkqd.net/cookie-sync/ Frame 635C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278446.cds142.fr8.hn,1631278446.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=5294072&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:06 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame BAEE 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=5294072&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
3dc6a7704e3c0a1630b299e7c73d9ed7cc97123dd62c76243810a7d234864c2d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1776
cs
cs.lkqd.net/ Frame 635C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 635C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 635C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 635C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 635C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 45CA 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:06 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:06 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 45CA 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
5a422ce95f366efa348b462b.jsonp
statsb.nativeroll.tv/nr/aserver/group/ Frame 5D2B 		0
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5a422ce95f366efa348b462b.jsonp?event=impression&v=1.18.18&gid=5a422ce95f366efa348b462b&url=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DiwT643WdNLW1YlIMGmBJS6htTCuxc3QK9RbD8jx0B7A57pbL7CfUD%252BYcsHH4Y%252FOw%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fcactussupply519%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1707&title=&cookie_enabled=1&block_enabled=0&ref=https%3A%2F%2Fask.fm%2F&width=432&offset_px=0&offset_pct=0&lenght_px=243&nr_f=MTYzMTI3ODQ0NjczOA%3D%3D&plays360=true&plays_inline=true&rsn=255
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *
935975
ad.mail.ru/vast/ Frame DB5C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/935975?rand=6116687&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
935975
ad.mail.ru/vast/ Frame DB5C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/935975?rand=7625170&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
197143
ad.mail.ru/vast/ Frame DB5C 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/197143?pr=2377418&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame DB5C 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=5787184&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame DB5C 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=6400336&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
942495
ad.mail.ru/vast/ Frame DB5C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/942495?rand=799240&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
SPug
simage4.pubmatic.com/AdServer/ Frame E27F 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156498&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
48953915
mc.yandex.com/webvisor/ 		43 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=668703111&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&rn=931722431&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631278447%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010125407%3Au%3A1631278440708263106%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631278447
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:07 GMT
last-modified
Fri, 10-Sep-2021 12:54:07 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:07 GMT
942495
ad.mail.ru/vast/ Frame DB5C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/942495?rand=8298464&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
726513
ad.mail.ru/vast/ Frame DB5C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/726513
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
get
pub-eu.p.otm-r.com/ Frame DB5C 		65 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pub-eu.p.otm-r.com/get?placement_id=58b41eb87a379fc852fa4496&when=pre&stream=instream&domain=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:07 GMT
server
nginx/1.17.4
vary
Origin
content-type
text/xml
access-control-allow-origin
https://moevideo.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
65
expires
0
ad
v.lkqd.net/ Frame F5CC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=84667659&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8e8714dca189afb03bad5e501043094e5133b987bc22126b5ab5ed1d76db3a9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:07 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1348
truncated
/ 		626 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
vpaid.js
ad.lkqd.net/vpaid/ Frame C9CD 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:07 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631278447.cds142.fr8.hn,1631278447.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
pixel.gif
px.moatads.com/ Frame 6C43 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-R2Yyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631278442420&de=452662085407&cu=1631278442420&m=5353&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A373%3A373%3A1129%3A125&aa=1&ad=5094&cn=1028&gn=1&gk=5094&gl=1028&ik=5094&ic=5094&ez=1&co=1028&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5083&cd=1068&ah=5083&am=1068&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=152991%3A17602%3A5602468%3A3529838&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=1624037420&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:07 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame E33C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:07 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278447.cds142.fr8.hn,1631278447.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame C9CD 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=84667659&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e05a9c906ef14102784da5bdd5bb9d7d22471c7bf4ba1a052cbd92a3d6c1156c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2113
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=84667659&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:07 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
truncated
/ 		901 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6243d76b5b5b75e0fdec055242a5c57611b00947964c66c498e90dedb47fbdba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cs
cs.lkqd.net/ Frame E33C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E33C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E33C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E33C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E33C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel.gif
px.moatads.com/ Frame 6C43 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-R2Yyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631278442420&de=452662085407&cu=1631278442420&m=5555&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A373%3A373%3A1129%3A125&aa=1&ad=5295&cn=5094&gn=1&gk=5295&gl=5094&ik=5295&ic=5295&ez=1&co=1028&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5338&cd=5083&ah=5338&am=5083&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=152991%3A17602%3A5602468%3A3529838&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=768905146&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:07 GMT
t
t.lkqd.net/ Frame E777 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame E777 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame D13B 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11644849&domain=ask.fm&loc=ask.fm&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aa051735a4be53eec3f734962cf3773b0e65adb8238b76f32df8e377ad090258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:08 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1304
x-sticky-va
1
x-sticky-vk
1631278448092073-520
Expires
Fri, 10 Sep 2021 12:54:08 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec12362c063514b82413aa72e16a51&item=YWRuXzUwNzX7eozXjesw1Q%3D%3D.4.wp4sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-done/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzUwNzX7eozXjesw1Q%3D%3D&sc=wp4sc1&l=vpaid&as=stickyADStv&ct=application%2Fjavascript&sid=01ec12362c063514b82413aa72e16a51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 222E 		330 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.2f311be9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 02:54:23 GMT
ETag
"1625108063"
X-HW
1631278448.dop236.fr8.t,1631278448.cds145.fr8.shn,1631278448.cds145.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113854
/
ads.viralize.tv/track/ Frame D13B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec12362c063514b82413aa72e16a51%3A0%3AYWRuXzQ2MjEalpzxTDwl2A%3D%3D~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ2MjEalpzxTDwl2A%3D%3D~wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec12362c063514b82413aa72e16a51%3A0%3AYWRuXzUwNzX7eozXjesw1Q%3D%3D~wp4sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 222E 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1631278448371
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:08 GMT
Last-Modified
Thu, 01 Jul 2021 02:54:23 GMT
ETag
"1625108063"
X-HW
1631278448.dop202.fr8.t,1631278448.cds243.fr8.shn,1631278448.cds243.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
/
c1.adform.net/serving/cookie/match/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:08 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:08 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1631278448300054-550
Expires
Fri, 10 Sep 2021 12:54:08 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 222E 		301 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=11644849&loc=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:08 GMT
Server
nginx
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1631278448450033-558
Expires
Fri, 10 Sep 2021 12:54:08 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 222E 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11644849&loc=https%3A%2F%2Fask.fm%2Fcactussupply519&domain=ask.fm&reqType=AdsSetup&_fw_gdpr=1&protocolVersion=2.0&_fw_gdpr_consent=&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&auction=1&vav=8a72ded9c45a1f20e13a0cddbc14f952&vaviv=4654160d5641ca9e4a3e261bb2867afb&mustangVersion=1.11.9.4&focus=true&percentViewable=100&componentId=vpaid-adapter&playerSize=432x243&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:08 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1631278448310082-530
Expires
Fri, 10 Sep 2021 12:54:08 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDVkYTNkZGRiZWFjMTBjY2FjZmI0Y2YyZjk1NzRiMQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDVkYTNkZGRiZWFjMTBjY2FjZmI0Y2YyZjk1NzRiMQ==&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:08 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDVkYTNkZGRiZWFjMTBjY2FjZmI0Y2YyZjk1NzRiMQ==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1631278448477032-562
Expires
Fri, 10 Sep 2021 12:54:08 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=d5da3dddbeac10ccacfb4cf2f9574b1&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=d5da3dddbeac10ccacfb4cf2f9574b1&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CXJ5N17AEHF16F7M6W4K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:08 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=d5da3dddbeac10ccacfb4cf2f9574b1&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1631278448461063-513
Expires
Fri, 10 Sep 2021 12:54:08 GMT
ac
www8.smartadserver.com/ Frame D13B 		129 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=115779&pgid=1188690&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1631278442&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
/
ads.viralize.tv/t-bid-opportunity/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec12362c063514b82413aa72e16a51&item=YWRuXzQ0NDPPfn3bnluiFw%3D%3D.5.wp5sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
ad
v.lkqd.net/ Frame F5CC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=9545098&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
516b4bcf4244158d2b9202b7a651449f63b872ce077edd78f4ddfa75cb9e0480

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1350
shim.gif
creatives.sascdn.com/ Frame D13B 		43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e052 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:09 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
AkamaiNetStorage
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 10 Sep 2022 12:54:09 GMT
/
ads.viralize.tv/d-vast/ Frame D13B 		71 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/d-vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1278441735&sid=01ec12362c063514b82413aa72e16a51&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bcfc5a773ab8e49739c8907c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&dd=ask.fm&sc=1&gdpr=1&cmp=unavailable&wfp=6&rcx=460.a05dc8e3.1.12
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
vpaid.js
ad.lkqd.net/vpaid/ Frame 2176 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631278448.cds142.fr8.hn,1631278448.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
ptv
secure.adnxs.com/ Frame D13B 		27 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=20877777&vplaybackmethod=2&referrer=ask.fm&gdpr=1&gdpr_consent=&cb=1631278442
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:08 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
44f845b4-245a-430f-9825-97b8d5aa82f8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec12362c063514b82413aa72e16a51&item=YWRuXzU5MDmUKUs46ACohw%3D%3D.7.wp7sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame D13B
Redirect Chain
  • https://viralize-d.openx.net/v/1.0/av?auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzQ1NjZjOWItMTkyYi02YTkwLTQwMTktMzA0YWJkYmZhYjlk
0
0
/
ads.viralize.tv/t-bid-opportunity/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec12362c063514b82413aa72e16a51&item=YWRuXzQ2ODVqVsva9dTlyQ%3D%3D.8.wp8sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
usync.html
ad.lkqd.net/cookie-sync/ Frame E10A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278448.cds142.fr8.hn,1631278448.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 2176 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=9545098&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
7553f5b5cc17641ff872bf561755e809968ed8906babeb31ef44824f742a8b9b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3816
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=9545098&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:08 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
/
ads.viralize.tv/track/ Frame D13B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec12362c063514b82413aa72e16a51%3A0%3AYWRuXzQ0NDPPfn3bnluiFw%3D%3D~wp5sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ0NDPPfn3bnluiFw%3D%3D~wp5sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec12362c063514b82413aa72e16a51%3A0%3AYWRuXzU5MDmUKUs46ACohw%3D%3D~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5MDmUKUs46ACohw%3D%3D~wp7sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
cs
cs.lkqd.net/ Frame E10A 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E10A 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E10A 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E10A 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame E10A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
av
viralize-d.openx.net/v/1.0/ Frame D13B
Redirect Chain
  • https://viralize-d.openx.net/v/1.0/av?auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
48 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 10 Sep 2021 12:54:09 GMT
via
1.1 google
server
OXGW/16.215.0
location
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
content-length
0
av
viralize-d.openx.net/v/1.0/ Frame D13B
Redirect Chain
  • https://viralize-d.openx.net/v/1.0/av?auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
  • https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
48 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 10 Sep 2021 12:54:09 GMT
via
1.1 google
server
OXGW/16.215.0
location
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
content-length
0
/
adx.adform.net/adx/ Frame D13B 		65 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=822826&t=2&url=https%3A%2F%2Fask.fm&gdpr=1&gdpr_consent=&w=432&h=243&t=1&random=1631278442
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec12362c063514b82413aa72e16a51&item=YWRuXzUyMTmiV7-uFzcfSQ%3D%3D.9.wp9sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
t
t.lkqd.net/ Frame 2F58 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=300920122&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.100.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-100-70.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
2cddb299c06219e1bfe0702c0d94c078b7aa61bc97c92a04bf89c1fa155e9aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
910
expires
0
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame D13B 		965 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=662274&adId=2645911&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278442
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2b3e1d5cba4096f7f78108316a483c9e5430f15064aa3a2b5694f38d2086362b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
596
expires
Fri, 10 Sep 2021 12:54:09 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec12362c063514b82413aa72e16a51&item=YWRuXzQ3Mji-VbjhakAvxA%3D%3D.10.wp10sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D13B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec12362c063514b82413aa72e16a51%3A0%3AYWRuXzQ2ODVqVsva9dTlyQ%3D%3D~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ2ODVqVsva9dTlyQ%3D%3D~wp8sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec12362c063514b82413aa72e16a51%3A0%3AYWRuXzUyMTmiV7-uFzcfSQ%3D%3D~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyMTmiV7-uFzcfSQ%3D%3D~wp9sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 2F58 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 2176 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_44854a27.js
vpaid.springserve.com/production/ Frame EB63 		487 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_44854a27.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:01:09 GMT
content-encoding
br
last-modified
Wed, 25 Aug 2021 15:00:31 GMT
server
AmazonS3
age
1374781
etag
W/"d48d9d8b9aa42be3c59a03030903498a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
M2Xca416Egm1OPAXdFW3BufmFU02B26ng8yzdAI3lMxqGw-cyUMiIg==
/
ads.viralize.tv/t-bid-done/ Frame D13B 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzQ3Mji-VbjhakAvxA%3D%3D&sc=wp10sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ec12362c063514b82413aa72e16a51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D4E4 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662274&adId=2645911&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278442
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.2f311be9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
openrtb
ads.adaptv.advertising.com/rtb/ Frame EB63 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.100.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-100-70.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame EB63 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e7f130df0cb6821e807fb8ae97edf4972151abb6243318e9a246757269281028
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:09 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e11df73a-908c-43a5-8849-c622d447a1d3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EB63 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
df756ad891a20ccedd6cb854a1cce4d94a32006a5ed8381f4f5dfa1bfd697fe4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:09 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
664753d2-4a74-4f17-b80b-7b4e06b47f6f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EB63 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6d66ebb4c93a117d8bc17d3b5ba546f5327ababb380162ea67af3078e2362540
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:09 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
19fcff8d-8285-4de9-9e98-aa1f35d1539a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/track/ Frame D13B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec12362c063514b82413aa72e16a51%3A0%3AYWRuXzQ3Mji-VbjhakAvxA%3D%3D~wp10sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=4&wv-hit=668703111&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&rn=547949059&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631278449%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010125409%3Au%3A1631278440708263106%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631278449
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:09 GMT
last-modified
Fri, 10-Sep-2021 12:54:09 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:09 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8D41 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662274&adId=2645911&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_80=22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg; KRTBCOOKIE_22=14911-7665991417695659745; KRTBCOOKIE_153=19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2; KRTBCOOKIE_27=16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf; KRTBCOOKIE_336=5844-5682155580754221045; KRTBCOOKIE_466=16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b; KRTBCOOKIE_1074=22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d; KRTBCOOKIE_377=6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a; KRTBCOOKIE_218=22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1633824000%3A232%7C1632441600%3A219_221_226_227_201_197%7C1631318400%3A174; SyncRTB3=1632441600%3A189_204_222_99_5_233_231_104_230_166_57_165_3_56_220_13_88_71_54_22_55_234_81_7_176_21_8_161%7C1631836800%3A15_2_223%7C1632096000%3A63%7C1632528000%3A35%7C1636416000%3A69%7C1633824000%3A203; KRTBCOOKIE_107=1471-uid:W6couTJp1MoG2D5; KRTBCOOKIE_279=22890-2e2bd096-1236-11ec-a321-f1a78009e55e&KRTB&23011-2e2bd096-1236-11ec-a321-f1a78009e55e; PugT=1631278444; KRTBCOOKIE_860=16335-0O7K_XN1RgZyFzgtinfBulvHdks; SPugT=1631278446
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=21371
expires
Fri, 10 Sep 2021 18:50:20 GMT
date
Fri, 10 Sep 2021 12:54:09 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D4E4 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662274&adId=2645911&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=21371
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 10 Sep 2021 18:50:20 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8D41 		182 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70964791&p=156962&s=662274&a=2645911&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2e67989c5380ba38f012f9f1675db3127979fecc75ab124fe7ac9ea11cdebfc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=UTF-8
t
t.lkqd.net/ Frame 2F58 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
p
a.audrte.com/ Frame 8D41
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CC146F8A-A2DF-4195-B4B5-D84003A697D4
  • https://a.audrte.com/p
0
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame EB63 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fask.fm%2Fcactussupply519&_fw_gdpr=&_fw_gdpr_consent=&cb=1631278449011&width=400&height=225&dnt=&ip=146.20.132.113&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&schain=1.0,1!vidoomy.com,54345,1,1631278449011,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:09 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1631278449489040-549
Expires
Fri, 10 Sep 2021 12:54:09 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame D4E4 		27 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=662274&adId=2645911&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278442&us_privacy=&cb=1631278449201&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fcactussupply519&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fcactussupply519&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-10%2012:54:9&ranreq=0.23468586675660674&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662274&adId=2645911&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278442
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame D4E4 		0
0
track
aktrack.pubmatic.com/ Frame D13B 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=662274&a=2645911&ts=1631278449&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-length
0
content-type
text/html
/
pl.viadata.store/export/102415/ Frame FA40 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pl.viadata.store/export/102415/?secured=1&language=en&page_url=https%3A%2F%2Fask.fm%2Fcactussupply519&pub_sid=102415&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=ask.fm&trackdomain=logs.viadata.store&VIA_DADPOS=1&avtoken=441511&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=2&cb=1631278449761
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
5da3d8e938d51ef849cb42e373bc457290295e50f4aa99e5aa052a5217a80d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
br
server
nginx/1.19.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
access-control-allow-headers
sentry-trace
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame EB63 		965 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278449011,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d78e7008d6b900d8ff1c355abd68632ce04be4555cdbc8c25a8db0fe8b31aea0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
593
expires
Fri, 10 Sep 2021 12:54:09 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 76EE 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278449011,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
bid
clientside-video-bidder.rutarget.ru/ Frame FA40 		27 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Fask.fm%2Fcactussupply519&request_id=1278449812&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr5.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:09 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
Content-Type
text/xml
Access-Control-Allow-Origin
https://ask.fm
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
cs
rtb-msk-2.viadata.store/vast/ Frame FA40 		71 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-msk-2.viadata.store/vast/cs?zone=102415&w=432&h=243&site=https%3A%2F%2Fask.fm%2Fcactussupply519&vp=2&cbb=1278449813
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
rle.cgi
ad.adriver.ru/cgi-bin/ Frame FA40 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222536&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=1278449815&tail256=https%3A%2F%2Fask.fm%2F
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
38477db16d8d2916c639a93c9c8687cdb4688b8b7f22e1f5ab9409e1c5cd592d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:09 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://ask.fm
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/vast/ Frame FA40 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=ask.fm&cbb=1278449815
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
f8b8ff4df6547225dca1d2d21c7ae4e4f96f0163825fa6029b183e068bb1ece6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
vast
moevideo.biz/ Frame FA40 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/vast?ref=viads-ask.fm&impressionAfterPaid=1&es=1&vl=1&mvis=1&referrer=https%3A%2F%2Fask.fm%2Fcactussupply519&cbb=1278449816
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
768c16c38e24ee434972f0a5d9d0ab96858930b836970b5c54b4f0e15089673c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:09 GMT
Content-Encoding
gzip
X-Mv-Embed-Version
1373
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.085
Pragma
no-cache
Last-Modified
Fri, 10 Sep 2021 12:54:09 GMT
Server
nginx
X-My-Name
s39
Access-Control-Allow-Methods
GET, POST
Content-Type
application/xml
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
X-Mv-TryCache
0
X-My-App-Time
0.001
Access-Control-Allow-Headers
Content-Type, Accept
Expires
Thu, 19 Feb 1998 13:24:18 GMT
viads-vast
adx.com.ru/ Frame FA40 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fask.fm%2Fcactussupply519&uid=47a31a07-2c26-495d-9ada-39ecbe8d680e&cbb=1278449816
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.134.131.34.188.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:09 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
server
nginx/1.18.0
p3p
CP="adx.com.ru does not have a P3P policy"
ad_request
ads.aralego.com/ Frame FA40 		0
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=ask.fm&ver=UCX_WEB-20200113&adid=ad-8A29B9A43D442E8EFEE379B36E7ED89&atype=2&u=https%3A%2F%2Fask.fm%2Fcactussupply519&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=1278449816
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:10 GMT
X-Width
432
X-Height
243
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://ask.fm
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-SspId
d4d67ffa-fa50-3ee8-8e2f-cb9af83737cd
Connection
close
X-Adtype
vast
dsp
logs.viadata.store/event/ Frame FA40 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1631278449817&tids=2107,2110,2106,2552,4760,2111,2555,2109,7323,7378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 12:54:09 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 16D7 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278449011,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_80=22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg; KRTBCOOKIE_22=14911-7665991417695659745; KRTBCOOKIE_153=19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2; KRTBCOOKIE_27=16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf; KRTBCOOKIE_336=5844-5682155580754221045; KRTBCOOKIE_466=16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b; KRTBCOOKIE_1074=22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d; KRTBCOOKIE_377=6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a; KRTBCOOKIE_218=22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6; pp=156498; PMDTSHR=cat:; SyncRTB3=1632441600%3A189_204_222_99_5_233_231_104_230_166_57_165_3_56_220_13_88_71_54_22_55_234_81_7_176_21_8_161%7C1631836800%3A15_2_223%7C1632096000%3A63%7C1632528000%3A35%7C1636416000%3A69%7C1633824000%3A203; KRTBCOOKIE_107=1471-uid:W6couTJp1MoG2D5; KRTBCOOKIE_279=22890-2e2bd096-1236-11ec-a321-f1a78009e55e&KRTB&23011-2e2bd096-1236-11ec-a321-f1a78009e55e; PugT=1631278444; KRTBCOOKIE_860=16335-0O7K_XN1RgZyFzgtinfBulvHdks; SPugT=1631278446; chkChromeAb67Sec=3; DPSync3=1631318400%3A174%7C1633824000%3A232%7C1632441600%3A226_227_235_219_221_201_197; pubsyncexp=1631300049270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=21371
expires
Fri, 10 Sep 2021 18:50:20 GMT
date
Fri, 10 Sep 2021 12:54:09 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 76EE 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278449011,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:09 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=21371
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 10 Sep 2021 18:50:20 GMT
viralize_vpaid.min.9026482f.js
static.viralize.tv/ Frame 1E79 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10d306265feb9fd46afe61797ff3eb234550e49d93624d80212d4761296ce1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
content-encoding
br
cf-cache-status
HIT
age
86093
x-guploader-uploadid
ADPycds_kHIqwdOjqEwZ4rIFoG7EeJVo3htiCnEgUUJUqhz2aYxFa0TOR1ob0hufW2fJdC9O2EWZNgLP9T7TLM-b
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 09 Sep 2021 12:54:55 GMT
server
cloudflare
etag
W/"9026482feeb11a8d20ff2d42d0817333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=rErZ1Q==, md5=kCZIL+6xGo0g/y1C0IFzMw==
x-goog-generation
1631192095681511
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
62513
cf-ray
68c8cdaa3c005b9e-FRA
expires
Sun, 10 Oct 2021 12:54:10 GMT
vpaid.min.js
moevideo.biz/embed/player/1707/vpaid/ Frame E698 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx /
Resource Hash
3c50e9629fa1a0f26d8a6a017db615c5fc46af69bf4f2e28f6f5e6b05336289e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:10 GMT
Last-Modified
Mon, 30 Aug 2021 11:41:37 GMT
Server
nginx
X-My-Name
s13
ETag
"612cc3f1-1c64"
Content-Type
application/javascript
Content-Length
7268
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.088
context.js
an.yandex.ru/system/ 		291 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
72accd331f232e69d6be6c9756655c5b829a72bf67ffc7ca6b345f4478cb3d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
1154769760
x-yandex-req-id
1631278450306583-760799030299559391800345-production-app-host-man-pcode-9
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 10 Sep 2021 13:54:10 GMT
/
ads.viralize.tv/player/ Frame 1E79 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1278449815&sid=01ec123630d2104234562293c831e5d1&experiment=ops.v&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bcfc5a773ab8e49739c8907c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ask.fm&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
63582b8fe0af6580586ed638be0835a41027e5c5ffa17c2fd4bb02cb61e686d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame D93E 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
45477
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame D93E 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 11:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34056
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Sep 2022 11:02:51 GMT
polyfill.min.js
polyfill.io/v3/ Frame D93E 		101 B
161 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
4965807
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Wed, 14 Jul 2021 15:46:48 GMT
date
Fri, 10 Sep 2021 12:54:10 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D93E 		346 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe08c3a5fd2d4a0c5a4f33864bbb3bddc095f87d1aba54a588163f3370b33ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121963
x-xss-protection
0
expires
Fri, 10 Sep 2021 12:54:10 GMT
viralize_player.min.2f311be9.js
static.viralize.tv/ Frame D93E 		732 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.2f311be9.js?e=ops
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5619551e2524d1359a848586c661da0966af70c18495b796b7ca40574aa0266

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
content-encoding
br
cf-cache-status
HIT
age
803
x-guploader-uploadid
ADPycdsj6twd8G8aCU5ui1I6dIJikzsyetZZhs7E_QASsjOAtKbuRIlvyuy-sWEmPdpt3gnUGcR1CRu1k8tKnRQATPA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 10 Sep 2021 08:27:29 GMT
server
cloudflare
etag
W/"2f311be9e78c3c47a2ec282977e5c195"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=AgaRLg==, md5=LzEb6eeMPEei7Cgpd+XBlQ==
x-goog-generation
1631262449864973
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
750059
cf-ray
68c8cdaa8c8c5b9e-FRA
expires
Sun, 10 Oct 2021 12:54:10 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 76EE 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278449011,,&us_privacy=&cb=1631278449830&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fcactussupply519&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fcactussupply519&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-10%2012:54:10&ranreq=0.5656240769619563&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278449011,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
polyfill.min.js
polyfill.io/v3/ Frame D93E 		101 B
131 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
4965807
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Wed, 14 Jul 2021 15:46:48 GMT
date
Fri, 10 Sep 2021 12:54:10 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
vpaid
moevideo.biz/embed/ Frame FAA0 		31 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
02548c0d5d0e44fdbda04022816bc25a782bfc9eac622f9a80268ce07283aeb4

Request headers

Host
moevideo.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
mvuid=2aeac8bf8f14ce5af194; mvsid=453ade90-9011-4880-943e-928572e7e4e8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:10 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.38
X-My-Adv-Time
0.00286817550659
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Fri, 10 Sep 2021 12:54:10 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.025
X-Mv-Embed-Version
1373
X-My-Name
s21
X-My-Reqtime
0.113
Content-Encoding
gzip
jstracer
an.yandex.ru/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
i
vid-io-cle.springserve.com/vd/ Frame EB63 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=40d604f8&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.29.116 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-29-116.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:10 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame EB63 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1631278449&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
content-length
0
content-type
text/html
styles.css
moevideo.biz/embed/player/1707/skins/gray/ Frame FAA0 		54 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Aug 2021 11:40:34 GMT
Server
nginx
X-My-Name
s12
ETag
W/"612cc3b2-d99f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
3.450
mvplayer.min.js
moevideo.biz/embed/player/1707/ Frame FAA0 		580 KB
580 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.38 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f7.moevideo.net
Software
nginx /
Resource Hash
bd204debaaee1468075efbf39237f0e7e60da7ae5c1130a0eace92b59f578585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:10 GMT
Last-Modified
Mon, 30 Aug 2021 11:41:48 GMT
Server
nginx
X-My-Name
s11
ETag
"612cc3fc-90ecf"
Content-Type
application/javascript
Content-Length
593615
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.087
o2shim
acds.prod.vidible.tv/ Frame 3E2A 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1250061&orgId=22762&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fask.fm%2Fcactussupply519&vrid=2042dea4-179a-4226-a360-f4708e3c8eb0&pblob=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.94.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-94-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ebdc6a7c4fd5eaa143fe24ef24bc78c019601191a3a8673835a79752145cd7cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
content-encoding
gzip
access-control-max-age
3600
access-control-allow-methods
POST, GET, HEAD, PUT, PATCH, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
content-length
6638
t
t.lkqd.net/ Frame 2F58 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:11 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:11 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
0.js
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.73/ Frame 3E2A 		318 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.73/0.js
Requested by
Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1250061&orgId=22762&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fask.fm%2Fcactussupply519&vrid=2042dea4-179a-4226-a360-f4708e3c8eb0&pblob=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
0ea3698701b0651074b610a5c4562603bc7329ebf68c67766d712eedea4b1078
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 07 Sep 2021 23:31:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220976
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
104721
x-amz-id-2
0rPMuepaETaJclYeouH0A935WPQhnMv9eAOKocnb9qh0+wqt7XwlSbLbBXGsKZidmvHyvlfIHgY=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 07 Sep 2021 22:30:18 GMT
server
ATS
etag
"d8555c931200311cc1ff970173a2bfee-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-request-id
B7YPKZKT85E16206
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
null
accept-ranges
bytes
content-type
application/javascript
impression.gif
trk.vidible.tv/trk/ Frame 3E2A 		43 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59ae8b057cdce042713951a0&s=true&pv=10.2.73&ifr=true&cb=0.9113865738894034&pt=o2unit&sid=cc3c02c6-af71-48ea-b019-5b013198ca82&r=https%3A%2F%2Fask.fm%2Fcactussupply519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.130.33 -, , ASN (),
Reverse DNS
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Fri, 10 Sep 2021 12:54:10 GMT
advast
ice.360yield.com/ Frame D93E 		27 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22297302&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fask.fm&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.206.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-206-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:10 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec123630d2104234562293c831e5d1&item=YWRuXzUyMDIP-NsyYWGvDw%3D%3D.1.wp1sc1
Requested by
Host: ask.fm
URL: https://ask.fm/cactussupply519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:10 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
s.richaudience.com/vid/MP_Ua8BIWjxkR/1631278450/ Frame D93E 		160 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/vid/MP_Ua8BIWjxkR/1631278450/?hasConsent=1&consentString=&mref=https%3A%2F%2Fask.fm&fp=130
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-max-age
86400
access-control-allow-credentials
true
/
ads.viralize.tv/t-bid-opportunity/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec123630d2104234562293c831e5d1&item=YWRuXzU0MDa7VgRR7a8xUg%3D%3D.2.wp2sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
307371
search.spotxchange.com/vast/2.0/ Frame D93E 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/307371?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm&cb=1631278450&player_width=432&player_height=243&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000397
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
X-SpotX-Timing-Page
0.010939
Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:11 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.007029
X-SpotX-Timing-Transform
0.000256
X-SpotX-Timing-SpotMarket
0.007029
X-fe
088
X-SpotX-Timing-Page-Misc
0.002642
Content-Length
77
X-SpotX-Timing-Page-Context
0.000340
Last-Modified
Fri, 10 Sep 2021 12:54:11 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'ask.fm' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000227
/
ads.viralize.tv/t-bid-opportunity/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec123630d2104234562293c831e5d1&item=YWRuXzU5NDLK9iSAJ_5rXQ%3D%3D.3.wp3sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D93E 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec123630d2104234562293c831e5d1%3A0%3AYWRuXzUyMDIP-NsyYWGvDw%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyMDIP-NsyYWGvDw%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec123630d2104234562293c831e5d1%3A0%3AYWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame D93E 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12944593&domain=ask.fm&loc=ask.fm&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:11 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1631278450984054-538
Expires
Fri, 10 Sep 2021 12:54:11 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec123630d2104234562293c831e5d1&item=YWRuXzU5ODikGcMC0z_Qgw%3D%3D.4.wp4sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D93E 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec123630d2104234562293c831e5d1%3A0%3AYWRuXzU5NDLK9iSAJ_5rXQ%3D%3D~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5NDLK9iSAJ_5rXQ%3D%3D~wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
moatapi.js
z.moatads.com/aolvidibleapi29384728347/ 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.73/0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 18:37:38 GMT
server
AmazonS3
x-amz-request-id
8A7FDC6BFE10E44F
etag
"d678022569896f7b7293494e3a69c8c7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=41598
accept-ranges
bytes
content-length
44266
x-amz-id-2
x/tGkmabB85FDfZF7hsArwvtgztZfDohB4nip+KU8Sj4udSyoUjkG62FhIjWMJ8wGyQ3RLLOZUM=
vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX
ads-eu.v.ssp.yahoo.com/a/h/ Frame 3E2A
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=300920122&gdpr=0&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%...
  • https://ads-eu.v.ssp.yahoo.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=300920122&gdpr=0&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=300920122&gdpr=0&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=400&a.y_rid=9eee7290-bcbc-4c94-9f40-953e13de3227&a.is_yahoo=3&redirect_y=dHM9MTYzMTI3ODQ1MTI0MC4yOTkwNzI6YXBpZD1VUDJkY2I2MWFmLTEyMzYtMTFlYy1hMjUzLTAyYmZkZjRkZGM5ODpyZXF1ZXN0X2lkPTllZWU3MjkwLWJjYmMtNGM5NC05ZjQwLTk1M2UxM2RlMzIyNw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.203.132 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=300920122&gdpr=0&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fask.fm%2Fcactussupply519&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&width=400&a.y_rid=9eee7290-bcbc-4c94-9f40-953e13de3227&a.is_yahoo=3&redirect_y=dHM9MTYzMTI3ODQ1MTI0MC4yOTkwNzI6YXBpZD1VUDJkY2I2MWFmLTEyMzYtMTFlYy1hMjUzLTAyYmZkZjRkZGM5ODpyZXF1ZXN0X2lkPTllZWU3MjkwLWJjYmMtNGM5NC05ZjQwLTk1M2UxM2RlMzIyNw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
display.gif
trk.vidible.tv/trk/ Frame 3E2A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/display.gif?bcid=59ae8b057cdce042713951a0&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.73&r=https%3A%2F%2Fask.fm%2Fcactussupply519&s=true&sid=cc3c02c6-af71-48ea-b019-5b013198ca82&vvuid=4742505b-cf78-4df9-8f5b-3083d778c0cf&orgId=22762&plcid=1250061&vrid=2042dea4-179a-4226-a360-f4708e3c8eb0&ab=0&dt=369&h=225&spaceid=793604934&w=400&cb=0.021690245937451058
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.130.33 -, , ASN (),
Reverse DNS
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Fri, 10 Sep 2021 12:54:11 GMT
ad-request.gif
trk.vidible.tv/trk/ Frame 3E2A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-request.gif?bcid=59ae8b057cdce042713951a0&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.73&r=https%3A%2F%2Fask.fm%2Fcactussupply519&s=true&sid=cc3c02c6-af71-48ea-b019-5b013198ca82&vvuid=4742505b-cf78-4df9-8f5b-3083d778c0cf&orgId=22762&plcid=1250061&vrid=2042dea4-179a-4226-a360-f4708e3c8eb0&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.9307172441737892
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.130.33 -, , ASN (),
Reverse DNS
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Fri, 10 Sep 2021 12:54:11 GMT
ad-engine-request.gif
trk.vidible.tv/trk/ Frame 3E2A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59ae8b057cdce042713951a0&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.73&r=https%3A%2F%2Fask.fm%2Fcactussupply519&s=true&sid=cc3c02c6-af71-48ea-b019-5b013198ca82&vvuid=4742505b-cf78-4df9-8f5b-3083d778c0cf&orgId=22762&plcid=1250061&vrid=2042dea4-179a-4226-a360-f4708e3c8eb0&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=400&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=225&cb=0.8359338334734503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.130.33 -, , ASN (),
Reverse DNS
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Fri, 10 Sep 2021 12:54:11 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=5&wv-hit=668703111&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&rn=753560443&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631278451%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010125411%3Au%3A1631278440708263106%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631278451
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:11 GMT
last-modified
Fri, 10-Sep-2021 12:54:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:11 GMT
ac
www8.smartadserver.com/ Frame D93E 		129 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=115779&pgid=1188694&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1631278450&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:10 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
/
ads.viralize.tv/t-bid-opportunity/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec123630d2104234562293c831e5d1&item=YWRuXzQ0Mzkws_GtCGvh0A%3D%3D.5.wp5sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D93E 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec123630d2104234562293c831e5d1%3A0%3AYWRuXzU5ODikGcMC0z_Qgw%3D%3D~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5ODikGcMC0z_Qgw%3D%3D~wp4sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
shim.gif
creatives.sascdn.com/ Frame D93E 		43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.2f311be9.js?e=ops
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e052 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:11 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
AkamaiNetStorage
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 10 Sep 2022 12:54:11 GMT
/
ads.viralize.tv/d-vast/ Frame D93E 		71 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/d-vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1278449815&sid=01ec123630d2104234562293c831e5d1&experiment=ops.v&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bcfc5a773ab8e49739c8907c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&dd=ask.fm&sc=1&gdpr=1&cmp=unavailable&wfp=6&rcx=460.a05dc8e3.1.12
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1631278451420&de=302990168190&d=210%3A-%3A-%3A-&bo=ask.fm&bd=ask.fm&f=0&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:11 GMT
ptv
secure.adnxs.com/ Frame D93E 		27 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=19417522&vplaybackmethod=2&referrer=ask.fm&gdpr=1&gdpr_consent=&cb=1631278450
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:11 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5e55aad0-96b6-4442-8f48-e30d03b2a4c9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec123630d2104234562293c831e5d1&item=YWRuXzUwMTMP-UfM06EaIg%3D%3D.7.wp7sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D93E 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec123630d2104234562293c831e5d1%3A0%3AYWRuXzQ0Mzkws_GtCGvh0A%3D%3D~wp5sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ0Mzkws_GtCGvh0A%3D%3D~wp5sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
av
viralize-d.openx.net/v/1.0/ Frame D93E 		48 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viralize-d.openx.net/v/1.0/av?auid=541171624&url=ask.fm&cb=1631278450&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec123630d2104234562293c831e5d1&item=YWRuXzQ2ODZy3dgpPTshkQ%3D%3D.8.wp8sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
adx.adform.net/adx/ Frame D93E 		65 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=759669&t=2&url=https%3A%2F%2Fask.fm&gdpr=1&gdpr_consent=&w=432&h=243&t=1&random=1631278450
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec123630d2104234562293c831e5d1&item=YWRuXzQzOTBg2Ns-vl2lxQ%3D%3D.9.wp9sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame D93E 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec123630d2104234562293c831e5d1%3A0%3AYWRuXzUwMTMP-UfM06EaIg%3D%3D~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUwMTMP-UfM06EaIg%3D%3D~wp7sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec123630d2104234562293c831e5d1%3A0%3AYWRuXzQ2ODZy3dgpPTshkQ%3D%3D~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ2ODZy3dgpPTshkQ%3D%3D~wp8sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame D93E 		965 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=718975&adId=2944651&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278450
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e4370fd4649973fb1f998692a2c3e5f3f3953d8e46c9d890071b5c461c33a1f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
596
expires
Fri, 10 Sep 2021 12:54:11 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec123630d2104234562293c831e5d1&item=YWRuXzUyNzZVlX2NwO5KBw%3D%3D.10.wp10sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-done/ Frame D93E 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzUyNzZVlX2NwO5KBw%3D%3D&sc=wp10sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ec123630d2104234562293c831e5d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 8DEC 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718975&adId=2944651&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278450
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.2f311be9.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
/
ads.viralize.tv/track/ Frame D93E 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec123630d2104234562293c831e5d1%3A0%3AYWRuXzQzOTBg2Ns-vl2lxQ%3D%3D~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQzOTBg2Ns-vl2lxQ%3D%3D~wp9sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec123630d2104234562293c831e5d1%3A0%3AYWRuXzUyNzZVlX2NwO5KBw%3D%3D~wp10sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1FD0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718975&adId=2944651&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_80=22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg; KRTBCOOKIE_22=14911-7665991417695659745; KRTBCOOKIE_153=19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2; KRTBCOOKIE_27=16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf; KRTBCOOKIE_336=5844-5682155580754221045; KRTBCOOKIE_466=16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b; KRTBCOOKIE_1074=22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d; KRTBCOOKIE_377=6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a; KRTBCOOKIE_218=22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6; pp=156498; PMDTSHR=cat:; SyncRTB3=1632441600%3A189_204_222_99_5_233_231_104_230_166_57_165_3_56_220_13_88_71_54_22_55_234_81_7_176_21_8_161%7C1631836800%3A15_2_223%7C1632096000%3A63%7C1632528000%3A35%7C1636416000%3A69%7C1633824000%3A203; KRTBCOOKIE_107=1471-uid:W6couTJp1MoG2D5; KRTBCOOKIE_279=22890-2e2bd096-1236-11ec-a321-f1a78009e55e&KRTB&23011-2e2bd096-1236-11ec-a321-f1a78009e55e; PugT=1631278444; KRTBCOOKIE_860=16335-0O7K_XN1RgZyFzgtinfBulvHdks; SPugT=1631278446; chkChromeAb67Sec=3; DPSync3=1631318400%3A174%7C1633824000%3A232%7C1632441600%3A226_227_235_219_221_201_197; pubsyncexp=1631300049270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=21369
expires
Fri, 10 Sep 2021 18:50:20 GMT
date
Fri, 10 Sep 2021 12:54:11 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8DEC 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718975&adId=2944651&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=21369
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 10 Sep 2021 18:50:20 GMT
ad-engine-response.gif
trk.vidible.tv/trk/ Frame 3E2A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59ae8b057cdce042713951a0&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.73&r=https%3A%2F%2Fask.fm%2Fcactussupply519&s=true&sid=cc3c02c6-af71-48ea-b019-5b013198ca82&vvuid=4742505b-cf78-4df9-8f5b-3083d778c0cf&orgId=22762&plcid=1250061&vrid=2042dea4-179a-4226-a360-f4708e3c8eb0&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=400&aert=641&ar=no&fo=0&ft=0&h=225&cb=0.4535539521034422
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.130.33 -, , ASN (),
Reverse DNS
Software
nginx/1.21.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:11 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.21.0
content-type
image/gif
content-length
43
expires
Fri, 10 Sep 2021 12:54:11 GMT
t
t.lkqd.net/ Frame 2F58 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:11 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8DEC 		27 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=718975&adId=2944651&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278450&us_privacy=&cb=1631278451658&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fcactussupply519&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fcactussupply519&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-10%2012:54:12&ranreq=0.3611064172715348&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718975&adId=2944651&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631278450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
content-type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 8DEC 		0
0
track
aktrack.pubmatic.com/ Frame D93E 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=718975&a=2944651&ts=1631278451&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
content-length
0
content-type
text/html
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631278444519.747&type=VIEWED_25&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&typeA=PRE&contentTypeA=VIDEO&u=https%3A%2F%2Fask.fm%2Fcactussupply519&t=8007&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.9844629331248185
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:12 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
dc_oe=ChMIibbh4bn08gIVaUH2CB1KBQ5WEAAYACCA9OpAQhMIx-jL4bn08gIVA48nAh2RvwU4;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIibbh4bn08gIVaUH2CB1KBQ5WEAAYACCA9OpAQhMIx-jL4bn08gIVA48nAh2RvwU4;met=1;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
v.lkqd.net/ Frame F5CC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=99893471&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8460b4f10c0219a59879bf83173bfd29af1a3df5405a91dc88f653495022fe77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1346
vpaid.js
ad.lkqd.net/vpaid/ Frame 3AE4 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631278452.cds142.fr8.hn,1631278452.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame DDFD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278452.cds142.fr8.hn,1631278452.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=99893471&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:12 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 3AE4 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=99893471&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0e98a1490cb4a4f148652f94a6b15aaf7d7cde4477de13269b307acea894495d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3770
cs
cs.lkqd.net/ Frame DDFD 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame DDFD 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame DDFD 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame DDFD 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame DDFD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:12 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:12 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 6855 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
pixel.gif
px.moatads.com/ Frame 6C43 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fc.bannerflow.net%2Fscripts%2Fiframe%3Fdid%3D5dc013805badb900016a47c1%26deeplink%3Don%26a%3D610a76f4256010b5f790cc58%26redirecturl%3Dhttp%253A%252F%252Fservedby.flashtalking.com%252Fclick%252F1%252F152991%253B5602468%253B3529838%253B211%253B0%253Furl%253Dhttps%253A%252F%252Fbetway.de%252Fbwp%252Fsports-welcome-mr-instinkt-soccer-de%252Fde-de%252F%253Fs%253Dbw213892%2526a%253DDDR3259481681987463%2526utm_medium%253Ddisplay%2526utm_source%253DSportradar%2526utm_campaign%253DFeed%2526utm_content%253DAlwaysOn&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-R2Yyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&sc=1&os=1-gw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm%2F&lp=https%3A%2F%2Fask.fm&t=1631278442420&de=452662085407&cu=1631278442420&m=10378&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A373%3A373%3A1129%3A125&aa=1&ad=10119&cn=5295&gn=1&gk=10119&gl=5295&ik=10119&ic=10119&ez=1&co=1028&cp=1068&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10162&cd=5338&ah=10162&am=5338&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=152991%3A17602%3A5602468%3A3529838&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=115759102&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 12:54:12 GMT
truncated
/ Frame 3AE4 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_44854a27.js
vpaid.springserve.com/production/ Frame D40C 		487 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_44854a27.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 15:01:09 GMT
content-encoding
br
last-modified
Wed, 25 Aug 2021 15:00:31 GMT
server
AmazonS3
age
1374784
etag
W/"d48d9d8b9aa42be3c59a03030903498a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0aUYmnFPIey69IzEB_63JdiPotUTWTsCrljkzeVvcTcZY9exINzCoA==
t
t.lkqd.net/ Frame 6855 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:13 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
48953915
mc.yandex.com/webvisor/ 		43 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=6&wv-hit=668703111&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&rn=523956550&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631278453%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010125413%3Au%3A1631278440708263106%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631278453
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:13 GMT
last-modified
Fri, 10-Sep-2021 12:54:13 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:13 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2B15 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=79558216986088634; anj=dTM7k!M4.FEVNsVF']wIg2E?bqI22o!]tbPl@/j]O5#y!=0vT718@c'g_LlK.y9:@/m7dSkB<_]>hL^=lf)p[fS<Ke6*e(^[ojS<(j#iP(Md+>)fy-DMQbOt; icu=ChgI_t1aEAoYASABKAEw7KrtiQY4AUABSAEKGAjV03UQChgDIAMoAzDxqu2JBjgDQANIAxDxqu2JBhgD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 03 Sep 2021 04:45:39 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 10 Sep 2021 12:54:13 GMT
Age
29300
X-Served-By
cache-lga21923-LGA, cache-fra19146-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 266517
X-Timer
S1631278453.302853,VS0,VE0
Vary
Accept-Encoding
openrtb
ads.adaptv.advertising.com/rtb/ Frame D40C 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.100.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-100-70.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame D40C 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
565bd5f2e2d7b6d0a1b09aa15b5dfa0068964dea3ed52df5c26bcfd3bd80e813
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:13 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2ea873e4-cf91-436f-a7ca-33ce51144a65
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D40C 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0496219c4d90decc6f0606227b85bf80c76a742706b68ba5e8b95900d90e2883
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:13 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ea1c6ed3-f2a9-4cf2-a132-478a23fb2729
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D40C 		165 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f54c990487997ac95dbe90a5f99f2898ca94045be6648a40f970d5aeb61246cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:13 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b6cebe36-b8fa-44ca-9e4e-1fe7cc305636
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
165
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2B15 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:13 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2daac169-2c53-48e4-af67-bcfdd1779dd1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame D40C 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fask.fm%2Fcactussupply519&_fw_gdpr=&_fw_gdpr_consent=&cb=1631278452737&width=400&height=225&dnt=&ip=146.20.132.115&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&schain=1.0,1!vidoomy.com,54345,1,1631278452737,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:13 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1631278453358086-599
Expires
Fri, 10 Sep 2021 12:54:13 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame D40C 		965 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278452737,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
71b1d7746d906f8d74defa720321a3c2974aae74ab8b08960981fd3ce9512f20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:13 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
593
expires
Fri, 10 Sep 2021 12:54:13 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 8FB7 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278452737,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:13 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame FBB5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278452737,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=CC146F8A-A2DF-4195-B4B5-D84003A697D4; KRTBCOOKIE_1101=23040-7006287554795206796; PUBMDCID=3; KRTBCOOKIE_391=22924-7339593317579984733&KRTB&23263-7339593317579984733; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-lVmvfVRNQgYj0aC6bZu6XdXG; KRTBCOOKIE_57=22776-79558216986088634; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_80=22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg; KRTBCOOKIE_22=14911-7665991417695659745; KRTBCOOKIE_153=19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2; KRTBCOOKIE_27=16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf; KRTBCOOKIE_336=5844-5682155580754221045; KRTBCOOKIE_466=16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b; KRTBCOOKIE_1074=22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d; KRTBCOOKIE_377=6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a; KRTBCOOKIE_218=22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6; pp=156498; PMDTSHR=cat:; SyncRTB3=1632441600%3A189_204_222_99_5_233_231_104_230_166_57_165_3_56_220_13_88_71_54_22_55_234_81_7_176_21_8_161%7C1631836800%3A15_2_223%7C1632096000%3A63%7C1632528000%3A35%7C1636416000%3A69%7C1633824000%3A203; KRTBCOOKIE_107=1471-uid:W6couTJp1MoG2D5; KRTBCOOKIE_279=22890-2e2bd096-1236-11ec-a321-f1a78009e55e&KRTB&23011-2e2bd096-1236-11ec-a321-f1a78009e55e; PugT=1631278444; KRTBCOOKIE_860=16335-0O7K_XN1RgZyFzgtinfBulvHdks; SPugT=1631278446; chkChromeAb67Sec=3; DPSync3=1631318400%3A174%7C1633824000%3A232%7C1632441600%3A226_227_235_219_221_201_197; pubsyncexp=1631300049270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=21366
expires
Fri, 10 Sep 2021 18:50:20 GMT
date
Fri, 10 Sep 2021 12:54:14 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8FB7 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278452737,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:13 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=21367
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 10 Sep 2021 18:50:20 GMT
storage.html
moe.video/ Frame 4967 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.52 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f29.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:14 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:44:02 GMT
ETag
W/"612cc482-4783"
X-My-Name
s37
X-My-Reqtime
0.100
X-B-Name
f29
Content-Encoding
gzip
truncated
/ Frame FAA0 		313 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8FB7 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278452737,,&kltstamp=2021-9-10%2012%3A54%3A13&ranreq=0.7176596401705908&timezone=0&us_privacy=&cb=1631278453808&SAVersion=2&inIframe=1&pageURL=&screenResolution=-1x-1&kdntuid=1&vwndh=0&vwndw=0&vwndurl=&vwndref=&vc=2&js=1&sec=1
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&schain=1.0,1!vidoomy.com,54345,1,1631278452737,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:14 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
async_usersync
ib.adnxs.com/ Frame 2B15 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:14 GMT
X-Proxy-Origin
91.199.118.75; 91.199.118.75; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
89543d7c-40a2-4e73-8199-af34a0b55c96
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction_multi
am-0.moevideo.biz/ssp/ Frame FAA0 		2 B
476 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.205 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:14 GMT
X-Balancer-Name
fvm13
Last-Modified
Fri, 10 Sep 2021 12:54:14 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
fvm13
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
analytics.js
www.google-analytics.com/ Frame FAA0 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
437
date
Fri, 10 Sep 2021 12:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 14:46:57 GMT
ads-async.js
ad.mail.ru/static/ Frame FAA0 		193 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
d0d2b70ff09df898f2652af487149d55391a4088ad738ad9f69286ef5e734811

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:14 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
193
Expires
Fri, 10 Sep 2021 13:04:14 GMT
AdRiverFPS_MV.js
content.adriver.ru/banners/0007207/0007207973/0/ Frame FAA0 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=2aeac8bf8f14ce5af194
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.96.36 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:14 GMT
last-modified
Fri, 09 Apr 2021 14:49:31 GMT
server
nginx
etag
"6070697b-26a8"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
9896
expires
Fri, 10 Sep 2021 13:54:14 GMT
auction_multi
am-0.moevideo.biz/ssp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Server
83.229.25.205 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:14 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
i
vid-io-cle.springserve.com/vd/ Frame D40C 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=2b07abfe&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.29.116 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-29-116.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame D40C 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1631278453&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:14 GMT
content-length
0
content-type
text/html
6E98B6.js
r.mradx.net/img/58/ Frame FAA0 		185 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.mradx.net/img/58/6E98B6.js
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:db00::28 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7568bf67bec31079e13d3eea3a735e7cf5179c15d6deb65822ce6c9bd23df350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Jun 2021 07:24:19 GMT
Server
nginx
ETag
W/"60dacaa3-2e478"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 31 Dec 2037 23:55:55 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:14 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 6855 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
json.cgi
ad.adriver.ru/cgi-bin/ Frame FAA0 		385 B
1023 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=Ag3ZT-ajkiBDKDdd9t2LB9Q;302=Ag3ZT-ajkiBDKDdd9t2LB9Q;303=unavail;304=Ag3ZT-ajkiBDKDdd9t2LB9Q;305=2aeac8bf8f14ce5af194;306=;307=;308=0;309=0
Requested by
Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=2aeac8bf8f14ce5af194
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
dfd04b7872d9287e3400f1a62b8db0750dc5ea0f72688717d2f0e6a88194a5e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 12:54:14 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Expires
Thu, 01 Jan 1970 00:00:00 GMT
storage.html
moe.video/ Frame DF17 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.52 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f29.moevideo.net
Software
nginx /
Resource Hash

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:42:49 GMT
ETag
W/"612cc439-4783"
X-My-Name
s11
X-My-Reqtime
1.134
X-B-Name
f29
Content-Encoding
gzip
storage.html
moe.video/ Frame 4E18 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.52 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f29.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:42:53 GMT
ETag
W/"612cc43d-4783"
X-My-Name
s26
X-My-Reqtime
1.104
X-B-Name
f29
Content-Encoding
gzip
389706
ad.mail.ru/vast/ Frame FAA0 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=7233137&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:14 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
389706
ad.mail.ru/vast/ Frame FAA0 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=4432528&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:14 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
vast
stats.seedr.com/ Frame FAA0 		766 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.seedr.com/vast?gid=5a422ce95f366efa348b462b&sc=2453591051&pr=9502148
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.194.45 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host45.seedr.ru
Software
nginx /
Resource Hash
6f7cdeefc6f0b83e3057ace9d1096ba993a928c20e86da0cd0bde0fb6d11bec2

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:14 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
174627
ad.mail.ru/vast/ Frame FAA0 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/174627?rand=3340372&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:15 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
vkAuth.html
ad.mail.ru/dist/ Frame 85D6 		523 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/58/6E98B6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Host
ad.mail.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 12:54:15 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
523
Connection
keep-alive
Expires
Fri, 10 Sep 2021 13:04:15 GMT
Cache-Control
max-age=600
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ Frame FAA0 		83 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1631278455099&q=199847&vk=0&_=563029223
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/58/6E98B6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
147024f9544ce5c541fdcd66fcf0d59ed116b4a35e69a392e4c1fdfa4ce52994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:15 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
nr-vpaid.min.js
cdn01.nativeroll.tv/js/ Frame EF7D 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
61732724ef457a86cb694449dcd434f954d42a2b50d873a96745f1a7ebac7aca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Fri, 10 Sep 2021 12:54:15 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
server
nginx
etag
W/"613781fc-33da"
vary
Accept-Encoding
x-cached-since
2021-09-10T11:22:25+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 07 Sep 2021 17:19:33 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=7&wv-hit=668703111&page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&rn=125194679&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631278455%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010125415%3Au%3A1631278440708263106%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631278455
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:15 GMT
last-modified
Fri, 10-Sep-2021 12:54:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:15 GMT
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame 5A87 		529 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1e51fd15944329fa0576ec339cc9071c33ce181e029f486625273f41cc4db361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Fri, 10 Sep 2021 12:54:15 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
server
nginx
etag
W/"613781fc-84255"
vary
Accept-Encoding
x-cached-since
2021-09-10T11:19:45+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 07 Sep 2021 17:18:13 GMT
ad
v.lkqd.net/ Frame F5CC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=1325368&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
3b8376eddf63b945d89f840821352ab5fabaf4d5a208669f4e83d89d10304ffd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1347
openapi.js
vk.com/js/api/ Frame 85D6 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software
kittenx /
Resource Hash
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
content-encoding
br
x-frontend
front512005
last-modified
Tue, 15 Jun 2021 09:11:55 GMT
server
kittenx
etag
"60c86edb-5802"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22530
expires
Tue, 14 Sep 2021 12:54:15 GMT
analytics.js
www.google-analytics.com/ Frame 5A87 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
438
date
Fri, 10 Sep 2021 12:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 14:46:57 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame 135F 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3005566d549831baab1aa7e940190d69a0ad0b67db5a1fde8059275394b1f151

Request headers

:method
GET
:authority
cdn01.nativeroll.tv
:scheme
https
:path
/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://moevideo.biz/
accept-encoding
gzip, deflate, br
cookie
cid=8a7127b2-8ee2-4e1b-8587-80ea2814f29d; wdata[social_class]=0; wdata[age]=0; wdata[gender]=0; wdata[expire]=1631285646
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:15 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 01 Sep 2021 06:34:44 GMT
vary
Accept-Encoding
etag
W/"612f1f04-1b73"
cache
HIT
x-cached-since
2021-09-07T10:10:24+00:00
x-id
fr5-up-gc33
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:15 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://moevideo.biz
x-id
fr5-up-gc14
hosts.json
cdn02.nativeroll.tv/player/ Frame 5A87 		301 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c

Request headers

cache-control
no-cache
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Fri, 10 Sep 2021 12:54:15 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:02:35 GMT
server
nginx
etag
W/"6037bc0b-12d"
x-cached-since
2021-09-08T10:38:48+00:00
content-type
application/json
access-control-allow-origin
https://moevideo.biz
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
502293478
www.tns-counter.ru/V13a****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/ Frame 5A87 		43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13a****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/502293478
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=VtzIPD30DPpYmx0oQ4g3Wv%2BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fcactussupply519&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.9/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:15 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.9/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame A5A4 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631278455.cds142.fr8.hn,1631278455.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
/
login.vk.com/ Frame 85D6 		27 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv135-129-240-87.vk.com
Software
kittenx / KPHP/7.4.108537
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
content-encoding
gzip
server
kittenx
x-powered-by
KPHP/7.4.108537
strict-transport-security
max-age=15768000
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=windows-1251
content-length
41
usync.html
ad.lkqd.net/cookie-sync/ Frame FDF4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631278455.cds142.fr8.hn,1631278455.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=1325368&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:15 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame A5A4 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fcactussupply519&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=1325368&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
370e0116de921e16f8852f8f1d0eae51b271f7a4de8a77764175c3e1b86b176c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1777
5a422ce95f366efa348b462b
statsb.nativeroll.tv/nr/aserver/group/ Frame 5A87 		67 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5a422ce95f366efa348b462b?event=visit&gid=5a422ce95f366efa348b462b&v=1.18.18&url=https%3A%2F%2Fask.fm%2F&title=&ref=https%3A%2F%2Fask.fm%2F&block_enabled=0&width=432&height=243&offset_px=0&offset_pct=0&lenght_px=243&cookie_enabled=1&t=2021-09-10T12%3A54%3A15&mode=vpaid&data_saver=false&sc=2453591051&nr_f=MTYzMTI3ODQ1NTc4Mw%3D%3D&ancestor_origins=https%3A%2F%2Fmoevideo.biz%2Chttps%3A%2F%2Fask.fm&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=32a93377-ba00-4c57-b3ae-0e4383b2ee68
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:15 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
Content-Length
67
48953915
mc.yandex.com/watch/ 		43 B
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915?page-url=https%3A%2F%2Fask.fm%2Fcactussupply519&charset=utf-8&browser-info=nb%3A1%3Acl%3A283%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A1%3Als%3A604330922601%3Ahid%3A668703111%3Az%3A0%3Ai%3A202109010125415%3Aet%3A1631278456%3Ac%3A1%3Arn%3A431740489%3Arqn%3A3%3Au%3A1631278440708263106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1631278439185%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A0%3Ast%3A1631278456&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 12:54:15 GMT
last-modified
Fri, 10-Sep-2021 12:54:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 12:54:15 GMT
cs
cs.lkqd.net/ Frame FDF4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FDF4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FDF4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FDF4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FDF4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.118 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:54:15 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7665991417695659745
pragma
no-cache
date
Fri, 10 Sep 2021 12:54:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 25A9 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:16 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:15 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
5a422ce95f366efa348b462b.jsonp
statsb.nativeroll.tv/nr/aserver/group/ Frame EF7D 		0
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5a422ce95f366efa348b462b.jsonp?event=impression&v=1.18.18&gid=5a422ce95f366efa348b462b&url=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DVtzIPD30DPpYmx0oQ4g3Wv%252BRbOFg0nwnGgMOfVIHuE4pcAdhVW6OB8T8zr6ynwwg%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fcactussupply519%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1707&title=&cookie_enabled=1&block_enabled=0&ref=https%3A%2F%2Fask.fm%2F&width=432&offset_px=0&offset_pct=0&lenght_px=243&nr_f=MTYzMTI3ODQ1NTgzNg%3D%3D&plays360=true&plays_inline=true&rsn=255
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:15 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 12:54:15 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 25A9 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.57 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 12:54:16 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
935975
ad.mail.ru/vast/ Frame FAA0 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/935975?rand=425702&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
935975
ad.mail.ru/vast/ Frame FAA0 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/935975?rand=1672920&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
197143
ad.mail.ru/vast/ Frame FAA0 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/197143?pr=8603881&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame FAA0 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=5550858&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame FAA0 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=8769955&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
942495
ad.mail.ru/vast/ Frame FAA0 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/942495?rand=2995944&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fcactussupply519
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 12:54:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
942495
ad.mail.ru/vast/ Frame FAA0 		0
0
726513
ad.mail.ru/vast/ Frame FAA0 		0
0
get
pub-eu.p.otm-r.com/ Frame FAA0 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
trc.taboola.com
URL
https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1631278441&wa=0&e=96&ier=901
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1631278445&wa=0&e=96&ier=901
Domain
moevideo-sync.rutarget.ru
URL
https://moevideo-sync.rutarget.ru/sync
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzQ1NjZjOWItMTkyYi02YTkwLTQwMTktMzA0YWJkYmZhYjlk
Domain
a.audrte.com
URL
https://a.audrte.com/p
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=662274&a=2645911&ts=1631278450&wa=0&e=95&vc=2
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=718975&a=2944651&ts=1631278452&wa=0&e=95&vc=2
Domain
ad.mail.ru
URL
https://ad.mail.ru/vast/942495?rand=528702&sc=2453591051&dl=moevideo.biz
Domain
ad.mail.ru
URL
https://ad.mail.ru/vast/726513
Domain
pub-eu.p.otm-r.com
URL
https://pub-eu.p.otm-r.com/get?placement_id=58b41eb87a379fc852fa4496&when=pre&stream=instream&domain=https%3A%2F%2Fask.fm%2Fcactussupply519

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| onbeforexrselect boolean| originAgentCluster function| logError function| $ function| jQuery function| PerfectScrollbar object| Turbolinks function| Cursores object| Utils object| Events object| Browser object| Turbolinkz function| Actions object| Ajax object| Mutex function| Pages object| AjaxUI object| ScrollBar object| AnswerCard object| ProfileTabCounters object| ThreadCounters object| Pager object| Config object| Answers undefined| AskfmAd undefined| Atcomplete undefined| Autofocus object| Flash object| Uploads object| Avatar object| Background object| Form object| Button object| Captcha function| Recaptcha2onLoad object| Checkbox object| ConfirmDialog function| Log object| PositionFixedFocus object| FacebookSharing object| Lightbox object| Yandex object| TrackingGoals object| FormXHR object| Gdpr object| GoogleAnalytics undefined| HoverToActive object| LoginCheck object| MassAsk object| Media object| Notifications object| Offers undefined| Optad360 object| PhotoAnswer object| Photopoll object| PopupCallback object| Pymk object| Pyml object| Questions object| SecretAnswers undefined| ServiceWorkerRemoval object| Stream undefined| Tagcomplete object| Toggle object| Tracking object| UpdatePinger undefined| Viads object| Viewport function| admiral object| googletag function| ym function| 4dm1r11545242527 object| Ya object| yaCounter48953915 function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn string| url function| loadVidPlayers function| __tcfapi_8928924878912 object| lkqdSettings object| vpaidLoader object| lkqd object| mobile_blocked_mfs function| lkqd_http_response function| startTimer function| fbAsyncInit object| dataLayer object| FB object| google_tag_manager object| AdSlotCollection object| regeneratorRuntime object| pbjs325474 object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| __uspClient object| __cmpClient object| __oa360ScriptsState boolean| __isGoogleAllowed function| avPlayer function| viadsClosePlayer function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| sas object| apntag object| _ADAGIO function| Hls object| storageAni string| viPlayerStatus object| __VR object| s object| c object| h object| sl function| Tapad number| google_global_correlator function| loadCMP boolean| sas_noad object| pcodeJsonp434470dmJ4UMiN5 number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya boolean| yandex_context_perf_logging object| layoutConfig object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter652294 function| AdPlayerPro object| DMVAST function| playerPro object| pcodeJsonp43426nQ2j4dKeE0 object| mv11703233

225 Cookies

Domain/Path Name / Value
ask.fm/ Name: locale
Value: de
ask.fm/ Name: uuid
Value: 6783b323-c38d-42eb-8edb-4cb5e3136798
ask.fm/ Name: country
Value: DE
ask.fm/ Name: traffic_source
Value: organic
.ask.fm/ Name: _ym_uid
Value: 1631278440708263106
.ask.fm/ Name: _ym_d
Value: 1631278440
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 50544402fake
.ask.fm/ Name: _ym_isad
Value: 2
.bidswitch.net/ Name: tuuid
Value: d9baeb63-b8bf-4e5e-80a1-f874d429193b
.bidswitch.net/ Name: c
Value: 1631278440
.bidswitch.net/ Name: tuuid_lu
Value: 1631278440
ads.stickyadstv.com/ Name: UID
Value: d5da3dddbeac10ccacfb4cf2f9574b1
ads.stickyadstv.com/ Name: sessionId
Value: 26d9bed872dd77f53203f3991ab8821
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1544915432fake
.yandex.com/ Name: yandexuid
Value: 1813081081631278440
.yandex.com/ Name: yuidss
Value: 1813081081631278440
mc.yandex.com/ Name: yabs-sid
Value: 695064671631278440
.yandex.com/ Name: i
Value: VR1wow4jPMtA3D5lVwGcwl2IpnHMbioGSsUPoCvNV1+kMvT7eT6r1aqVsm9YSu/4xBqKLbGcpVZa7J5PpiboqBN8M1A=
.yandex.com/ Name: ymex
Value: 1662814440.yrts.1631278440#1662814440.yrtsi.1631278440
.ask.fm/ Name: _ym_visorc
Value: w
.turn.com/ Name: uid
Value: 7665991417695659745
.doubleclick.net/ Name: IDE
Value: AHWqTUkYgLwO5A104bXkOmD-Zwoytjwg0cOtkZKHOspuIyVKjgQSx4sumrlAfGyy4Kk
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImQ5YmFlYjYzLWI4YmYtNGU1ZS04MGExLWY4NzRkNDI5MTkzYiIsImV4cGlyZXMiOjE2MzM4NzA0NDB9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2MzM4NzA0NDB9LCJVTiI6eyJ1aWQiOiJPUFRPVVQiLCJleHBpcmVzIjoxNjMzODcwNDQwfX19
ask.fm/ Name: tutm
Value: utm_medium%3Dconversion_desktop_default_51
ask.fm/ Name: _m_ask_fm_session
Value: RUJuWjdtSHhJd3dwZ1N1Ynowcm04QXRuNi9sZ3NhcmpIOER4RDRYQXlMUFE1RlJFVWw1YWRoVnBvS0pzR1VlQ0h2RzhTTHZGZ0ZxTHVNbzc0VGxqM0pUaUl3cUFmQ1p1MmgycWJ0VktEajF0QWNtZjdPeDZCampSdUcxcW9OTkNmQ2svU3FCYUI2QWtoeXVZektGckRYZXpxY0pYVGFuMXpra0tQMTNOU0svZGZPbktBeW9IY0xqTWpwNU1DUVdWKzJybm1zKzkwVVZRclZvUm1taXFYSjE0VTFEMmM4NE1CK2JjVnBGN01oUFF3VCtuUTNJdGtnaHRTQVM3enZGeG1mT3BRVkxjOEJ1QUtEeHhvWDg1VEhkVlczY0RvaXJJYkU0RVEyT1NEUFE9LS1EYUxIVXYxQmJYZXJzQTBDaElIUlpBPT0%3D--463ddab689caee7632c70b49b23a7944fb516893
.ask.fm/ Name: _awl
Value: 2.1631278440.0.4-b55821e3-bc39bdf67739f9002b775073f02b9153-6763652d6575726f70652d7765737431-613b5568-0
.viadata.store/ Name: viads_uid
Value: 47a31a07-2c26-495d-9ada-39ecbe8d680e
.ask.fm/ Name: _ga
Value: GA1.2.1644553059.1631278441
.ask.fm/ Name: _gid
Value: GA1.2.33768156.1631278441
.ask.fm/ Name: _gat_UA-12308109-15
Value: 1
ask.fm/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 259837=4571334
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1313506140%3B%24ql%3DUnknown%3B%24qpc%3D76726%3B%24qt%3D25_1767_24818t%3B%24dma%3D0&c=1&l=926403020&lo=960306011&lt=637668824413383235&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1313506140%3B%24ql%3DUnknown%3B%24qpc%3D76726%3B%24qt%3D25_1767_24818t%3B%24dma%3D0
.adnxs.com/ Name: uuid2
Value: 79558216986088634
.quantumdex.io/ Name: uid
Value: b5238009-f0ef-4e4a-9707-79f4d9c9a4af
prebid.a-mo.net/ Name: __amc
Value: 1_1631278441_1631278441
.a-mo.net/ Name: amuid2
Value: 8585b578-8fb9-43cd-ba83-4d1240d10b4f
.viadata.store/ Name: viads_sc
Value: %7B%220%22%3A1631278441%2C%2230%22%3A1631278441%2C%2227%22%3A1631278441%7D
ask.fm/ Name: cto_bidid
Value: Ryr1_F9sbmI4a2NZSjVIeXczRXZISkwlMkJERTlsMiUyRmdveG9BMzVnWk1HT1FyQjMlMkJrTCUyQjVaakdLMDVGT1B6TVhLMzdwUHZrMTE5aHNoRXUlMkJraFlIdFM4WERnZmclM0QlM0Q
ask.fm/ Name: cto_bundle
Value: 1-B1sl83V2lTRG44UFF4M25UYjhuZDRuRjRXWGFpdVozdHp5bllJWEV1bVdmWVlscDFBZWNacXBoQVZITUtIYlZrWEJuMkg1cmhMaUdZUm13ZWFLd0VOaU1Ob0JCcTFKdjclMkZZRFclMkJtMmxCU2pXYjQlM0Q
.spotxchange.com/ Name: audience
Value: 2c087bb3-1236-11ec-93d6-1bf9ad920106
adx.com.ru/ Name: yabbi-user
Value: 613b5569d41e06d1cc83d8a5
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CC146F8A-A2DF-4195-B4B5-D84003A697D4
.adform.net/ Name: C
Value: 1
.rutarget.ru/ Name: userId
Value: CdyUgBSMNRRt
.adfarm1.adition.com/ Name: UserID1
Value: 7006287554795206796
.adform.net/ Name: uid
Value: 7339593317579984733
.erne.co/ Name: u
Value: lVmvfVRNQgYj0aC6bZu6XdXG
.de17a.com/ Name: guid2
Value: 1.5682155580754221045
.adriver.ru/ Name: cid
Value: Ag3ZT-ajkiBDKDdd9t2LB9Q
.quantserve.com/ Name: d
Value: EP8BCwGbJPijAA
.quantserve.com/ Name: mc
Value: 613b556a-00561-9c471-78de1
.simpli.fi/ Name: suid
Value: 86E2B97FD4BE4D80BA4F5649A31717F8
.mathtag.com/ Name: uuid
Value: 5dd5613b-5569-4400-ac7a-833d3c1373c2
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7006287554795206796
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7339593317579984733&KRTB&23263-7339593317579984733
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-lVmvfVRNQgYj0aC6bZu6XdXG
.onaudience.com/ Name: cookie
Value: 457b85cab844e536
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-79558216986088634
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&16514-CAESEO51ZGjfYrPEJbupjfhZHSg&KRTB&23025-CAESEO51ZGjfYrPEJbupjfhZHSg
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7665991417695659745
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2&KRTB&22979-4iDCA-EkxwD5IcFU4iDcWLclxlD5JskFsSDqh6M2
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&16736-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23019-uid:981f613b-5569-4400-b0a4-0801701c12bf&KRTB&23114-uid:981f613b-5569-4400-b0a4-0801701c12bf
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5682155580754221045
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1631278442
.sportradarserving.com/ Name: pvc2
Value: fBEwV5KhuBvern-KSrQJ5nQedudhzgT9tF-FO35PoYHkMJzVHUv_hQ36OYFW78UKAzZUYwjkxnPwy8AsBI4LFefet7TS7scuPwUr2OL37r5Kn3rZJiBsG23XUQjUb6XgVkzTDanFSZ4mkvfCsdqOigQWkhR6-_0yPTEGzfp0gYoseUvU6Te-PPtNMv01sYpE0DrJTGiUBYqwZ4fxFjDVL-fUrWuoTsJ1ysR4ANEjO0R_FxuQwmHPFGZixpIg_8SaqMckcrvhinAmxf3qNEw80TbfkXtFCB1AOqSIWFM3582qZ-oyolAMiTiXgZcV4_Ak_SDhyQZdnLDjoOXXSj-dqInz73l7UvH6EKBWYgvU3zFMhB5GxhJ_rK3wZtGjMjcmGHk4BzxWGsgT_zLgyzHFyo_rMZ9zxtMhAVA4ZONdMQK1B4yRI_s1iwPFGhut7xRz8y2ReyahgItIy1k1ifKmFz5J1XLob8QS1okijuJTRknTS8RSrI3CRBcJ715L-8-JQx0-qHtsah2YlHpMYFNrmitunnMqZLz2UfE02_ljFFIL9r4P9VzfhbD3Q3WK1WiLXPYB8WpsMdXWJGLTh65i22J9UtHY6EEnEnTuAJC8nX7EDVBVxWGKhTfOCdcoXIFJkGRtw5hqBgOZa-0eELG7MQqkTXmeoQyOdcKbu7_Pp610O1QxgL7gcWqj2cT7bRs1eTkGYBsEOchE7cLvUstEekJlexQvqPct9S2ER6gpI4W678XSW-oEGsJPOOQW_kBLHzr8-MWagJznt_0ZejAbrI4Q783oY6WtBw-J5g1H50g_FPrEH7nu9OI8NJC15TacWNZc7eMmP0WQV_wQQx4vocEd8lJ9OLy_myO2AUgXEnPFAiRSVs2s-F3y7ll1Dtw4K6L5OmMM0vM3lyiSmAxwBsGMzVy7x1oPewNMdY2CptBRuPyTby7WX_FYQUnANuKwWXiCc-P6ZVUb_m0yDm4Kox9amXi7ZzqiYljDuWzhtx37Cuc3DvCllffk6XyyIFpFZ7QmWPg4OGDAIUQY-TdqMoKkr2Ne_4MKr9CW5_AzAWcFgm3MT-w4tlsvV0HoSXg3Z34Iw2Hpb55runbzN1_qcMrgaLYJDkydQyVf_fUx7S7oLZlHZ6w4g7q6ZzBI93sj2UFEd3Bscwt1OAlYudReckFd5rB5_YTN,iRFxMMc6WnFCJdw8MWRx4Q,i50n-DHBtSCOzsvQxsKTkA,WPmWukykxPIP5dHUIZplhg,i50n-DHBtSCOzsvQxsKTkA,kvHnb6J8Cc4FRKr7knZHXg,i50n-DHBtSCOzsvQxsKTkA,U6jq-n_6rENBinJDVjKfvw,i50n-DHBtSCOzsvQxsKTkA,MNjmGSind2a1B1A5UtXktg,i50n-DHBtSCOzsvQxsKTkA,ojE4Xe9--p0e6jWuZ3FXug,i50n-DHBtSCOzsvQxsKTkA,GC2YtHodDZYicqOLK8mnyQ,i50n-DHBtSCOzsvQxsKTkA,pEAUKGC6nhT7wCnM4wpMfQ,i50n-DHBtSCOzsvQxsKTkA
.smartadserver.com/ Name: Trk0
Value: Value=1438277&Creation=10%2f09%2f2021+14%3a54%3a02
pool.admedo.com/ Name: tuuid
Value: 236f4cbe-0aaa-42c8-a3f5-8abcc8e2c2fe
pool.admedo.com/ Name: c
Value: 1631278442
pool.admedo.com/ Name: tuuid_lu
Value: 1631278442
.bidr.io/ Name: bito
Value: AAANuE7CdqsAAHjauSmkrA
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsrvr.org/ Name: TDID
Value: 41ea13fe-0ad5-4532-a924-7a4ded1cc58a
ads.playground.xyz/ Name: connect.sid
Value: s%3Af8jTm7hGudAQ93PL6QZB3H6k0u58uMm6.BfC4K%2BLcvFmbh3QAMSocYStLNedDWszr1qCB8rpQo7g
.exelator.com/ Name: EE
Value: "661c39e90b0106cb1eccd656ed47cb80"
.adnxs.com/ Name: anj
Value: dTM7k!M4.FEVNsVF']wIg2E?bqI22o!]tbPl@/j]O5#y!=0vT718@c'g_LlK.y9:@/m7dSkB<_]>hL^=lf)p[fS<Ke6*e(^[ojS<(j#iP(Md+>)fy-DMQbOt
.gumgum.com/ Name: vst
Value: e_11738dd5-e334-48db-acfc-6d0d273aa84d
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d9baeb63-b8bf-4e5e-80a1-f874d429193b
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YTtVagAAAmZurQA6
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHMzDDZ2DLV0iDJwNDALDnJMDU5OcXM1Cw1xcQ8OcnCYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJySX5RZvoiF9fFRSlpDItKik8F733%252BGACIkise"
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_11738dd5-e334-48db-acfc-6d0d273aa84d
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&22918-41ea13fe-0ad5-4532-a924-7a4ded1cc58a&KRTB&23031-41ea13fe-0ad5-4532-a924-7a4ded1cc58a
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=5001547D33435F"
.feedad.com/ Name: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u
Value: 365aa3fc-bdd0-4286-a8dd-fb9f6e3f9fee
.aralego.com/ Name: sspid
Value: d4d67ffa-fa50-3ee8-8e2f-cb9af83737cd
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YTtVagAAAmZurQA6&KRTB&23194-YTtVagAAAmZurQA6&KRTB&23209-YTtVagAAAmZurQA6&KRTB&23244-YTtVagAAAmZurQA6
.tribalfusion.com/ Name: ANON_ID
Value: aRns6EPME7fQmKvCiHhfT3HoYv3msX4oTNYbf2UdEtmW371WM4wxstWwZabn7hNBWW4jq7DBl3A7F3kZadxE9k
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.fwmrm.net/ Name: _uid
Value: "g098_7006287559060276834"
.tapad.com/ Name: TapAd_TS
Value: 1631278442452
.tapad.com/ Name: TapAd_DID
Value: 21e2c742-253f-44e5-bb00-c0014c2404bf
ads.stickyadstv.com/ Name: uid-bp-36033
Value: g098_7006287559060276834
ads.stickyadstv.com/ Name: MRM_UID
Value: g098_7006287559060276834
.flashtalking.com/ Name: _D9J
Value: 114099af935d428896d12c671581c7a5
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEJeZ0pWiNkxAow2z-XDBUAc
.360yield.com/ Name: tuuid
Value: ab6d5c35-fc34-4875-9e21-3304e2016d1d
.360yield.com/ Name: tuuid_lu
Value: 1631278443
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6084
ads.stickyadstv.com/ Name: uid-bp-892
Value: 41ea13fe-0ad5-4532-a924-7a4ded1cc58a
.yandex.ru/ Name: yandexuid
Value: 8930881881631278443
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-aSlYOchE2oP7KmKlUrr5.0kCjzyNlxaIPNz2F9lx~A
ads.stickyadstv.com/ Name: uid-bp-951
Value: 79558216986088634
ads.stickyadstv.com/ Name: uid-bp-529
Value: 5dd5613b-5569-4400-ac7a-833d3c1373c2
.w55c.net/ Name: wfivefivec
Value: W6couTJp1MoG2D5
.w55c.net/ Name: matchfreewheel
Value: 5
.yandex.ru/ Name: i
Value: YHk5I4JGGEFjLoFM+jIt1mUxM1WdWZ0PAaecnL22c2cFZkhsIoL3e5Vfb5+qpa6Oui0sPRSdKVkKT53N9I4PMX2e+KQ=
ads.stickyadstv.com/ Name: uid-bp-23329
Value: W6couTJp1MoG2D5
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAANuE7CdqsAAHjauSmkrA
ads.stickyadstv.com/ Name: uid-bp-45
Value: YTtVagAAAmZurQA6
playreplay.me/ Name: mvuid
Value: 2aeac8bf8f14ce5af194
playreplay.me/ Name: mvsid
Value: 453ade90-9011-4880-943e-928572e7e4e8
thesame.tv/ Name: mvuid
Value: 2aeac8bf8f14ce5af194
thesame.tv/ Name: mvsid
Value: 453ade90-9011-4880-943e-928572e7e4e8
moevideo.biz/ Name: mvuid
Value: 2aeac8bf8f14ce5af194
moevideo.biz/ Name: mvsid
Value: 453ade90-9011-4880-943e-928572e7e4e8
cs-0.moevideo.biz/ Name: mvuid
Value: 2aeac8bf8f14ce5af194
cs-0.moevideo.biz/ Name: mvsid
Value: 453ade90-9011-4880-943e-928572e7e4e8
playreplay.net/ Name: mvuid
Value: 2aeac8bf8f14ce5af194
playreplay.net/ Name: mvsid
Value: 453ade90-9011-4880-943e-928572e7e4e8
.advertising.com/ Name: APID
Value: UP2dcb61af-1236-11ec-a253-02bfdf4ddc98
.casalemedia.com/ Name: CMID
Value: YTtVbOjN.jM4EEKfh0Zp3QAA
.casalemedia.com/ Name: CMPS
Value: 5226
.lijit.com/ Name: ljt_reader
Value: 20ded1ad0a4ebf521902437d
.casalemedia.com/ Name: CMPRO
Value: 1173
.adsby.bidtheatre.com/ Name: __kuid
Value: 5fd069ab-2ce8-43cf-ba14-78fb7c6cedfe.400492444
.yahoo.com/ Name: A3
Value: d=AQABBGpVO2ECEGs6K27or5NcvOZwXGH4NdsFEgEBAQGmPGFFYQAAAAAA_eMAAA&S=AQAAAiFg7_tHxlxqAEp_14Po_mk
.sharethrough.com/ Name: stx_user_id
Value: 46c81401-87b4-446f-8acb-a6d19d6802e2
.yahoo.com/ Name: APID
Value: UP2dcb61af-1236-11ec-a253-02bfdf4ddc98
.yahoo.com/ Name: APIDTS
Value: 1631278444
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~20bo:192x~20bo:194a~20bo"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: 95d4a903-c3dc-47f8-a5b5-8a96670c0273#1631278442284#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.pubmatic.com/ Name: SyncRTB3
Value: 1632441600%3A189_204_222_99_5_233_231_104_230_166_57_165_3_56_220_13_88_71_54_22_55_234_81_7_176_21_8_161%7C1631836800%3A15_2_223%7C1632096000%3A63%7C1632528000%3A35%7C1636416000%3A69%7C1633824000%3A203
.w55c.net/ Name: matchpubmatic
Value: 5
ms.quantumdex.io/ Name: qdsp_uid
Value: 6d0a5a0d-e7fa-4c28-809c-918f2e0fa7b2
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:W6couTJp1MoG2D5
.casalemedia.com/ Name: CMST
Value: YTtVbGE7VW0A
.fiftyt.com/ Name: fifid
Value: f9229f71-19fc-4717-57ac-c0e740e75251
.fiftyt.com/ Name: cs
Value: MTYzMTI3ODQ0NXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fDczQDEDx3cqXqIYHT9KMA_DoM6-82K1HRMgTOC_q4Hr
ads.smartstream.tv/ Name: DID
Value: 3bfbe5e470cd903478c794471556b2b9
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.zeotap.com/ Name: zc
Value: 38a26ebb-bf6c-4862-6f5b-a1b75d857eb1
.adotmob.com/ Name: uid
Value: 06b12204021570d529829543
.adotmob.com/ Name: uuid
Value: 06b12204021570d529829543
.adotmob.com/ Name: partners
Value: IX%3A1631278445096
.fiftyt.com/ Name: fppm
Value: 20210910125405
.casalemedia.com/ Name: CMRUM3
Value: 2d613b556d2760CAESEN-Gs9HvgVhtihG7Ppq170c&27613b556c0b40&e6613b556c2760&40613b556d2760no-consent&f1613b556c05a0&b0613b556c05a00&0d613b556c05a0&bf613b556c05a0
cm.adsafety.net/ Name: UID
Value: CM12021091012f0f451a7d65b61b7b14
.adsafety.net/ Name: cm_uid
Value: CM12021091012f0f451a7d65b61b7b14
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjSgcmLg5n6ORAFGAEgASgCMgsIrKH61ZmZ-jkQBTgBWgZhZG1hbnNgAg..
cm.adsafety.net/ Name: permanent
Value: 1
tags.adsafety.net/ Name: UID
Value: 3bfbe5e470cd903478c794471556b2b9
tags.adsafety.net/ Name: DID
Value: 3bfbe5e470cd903478c794471556b2b9
tags.adsafety.net/ Name: IDT
Value: 100
tags.adsafety.net/ Name: cookie_ver
Value: 2
tags.adsafety.net/ Name: block_reset
Value: 1
.adsafety.net/ Name: ct_uid
Value: 3bfbe5e470cd903478c794471556b2b9
.adsafety.net/ Name: ct_did
Value: 3bfbe5e470cd903478c794471556b2b9
.adsafety.net/ Name: ct_idt
Value: 100
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvaS9LekRoZDFJNnVoYldvK2FSM3FGSVRXd1FJT0VLeE9rQzNISDM1TW5WeWVJV2FzWFVpcm9qbWZOdTdibmp3SFJTbWRUbFNURkJHWjdXVGxpZGViS21SVUJDdnlxTG5hMTYxL0dQd1hXSXhrdTVLS3JFdVB6ZWhZTFpIaDJaL0g1a3NxbUJsYXVKc0RQRTVUai9PMU1zL3pVNWtneTkwSUpWWGxWc0tPcDhxeVNTNklJS1BFbmZ1SHJqTFNmZWJZZDlkUzR3RThCZGhZcEdNdVFqQ0tubytsTndOY2VKcksxUEVPYzlKend5RVNqQjlZS0xyTk56ZmRBcldRS2hGWktDTVBUNkdsQXY1dXVnQXVZaHllUmxsQzF5VmFGMWRQRlBLd1IwOGlHNmU2ZTlHRVB0Nm5LWVI4TXVyck51WXVtc2VxREtxSVFWT2lmbXdCUS9hdk1PMytFTFhCZi9LdGxtZ3BZcFN1UDYzWmdGMHZtSnFyc25OU1VQZC9NYXlXRzBWdDdLb29MaXhyT1pRVk41RFMyV0trbzlOclRYejh4aFdPQ1lYV2psQ1hobFhGZW1OVVlOelVaa2d1Y2dyUHg1WHlyTGV1UGx5NWhhaGdMQzdTOXlxUzB1dzBIVDJRK0N2RHVlZm9sbmg0ek9ocVlRNHJlNFgrbHZJWCsxbW52cXRrVjVDK3FNeFJVSVVxRkVTUWM4MlNTNXZMV21XVXYwTXR3WU9OWWlJem9lU04ySlJobW1zNkVhWDVFWVRzbk1yVkIwc3VLandhRFdoTk9yNktZRENpYitEaXRGU3MwUkxnaDlHU1RUVzhncXZrZUpkK1JLMFNmK29pZkw0aS8vc3pBOEpWZG5yRXNURUN1OHRpTHRIZlBwVWtSa3hPR2lrZnUvdElFOUE%3D
.ipredictive.com/ Name: cu
Value: 2e2bd096-1236-11ec-a321-f1a78009e55e|1631278445380
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d0eecafd-7375-4606-7217-382d8a77c1ba.ODrt5MvxNL7olPQjX6C0rgKLM1L6Bwd55%2FZWLVAGOYg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-d0eecafd-7375-4606-7217-382d8a77c1ba%24ip%2491.199.118.75.Ch2MhiMlOXFDjIFYTKDgMMIA02Pfb2DZ%2F0VdhkVa1YE
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-2e2bd096-1236-11ec-a321-f1a78009e55e&KRTB&23011-2e2bd096-1236-11ec-a321-f1a78009e55e
.pubmatic.com/ Name: PugT
Value: 1631278444
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-0O7K_XN1RgZyFzgtinfBulvHdks
.upravel.com/ Name: session_tptc
Value: 1631278446030
.mts.ru/ Name: dspid
Value: 099d58ff-a7f6-4cef-9e3c-021ce931df67
.adhigh.net/ Name: gi_u
Value: xMklZGbIUsr.AikABlF7z8W14w
.whiteboxdigital.ru/ Name: MiId
Value: e6c96af6-8b79-40d9-85b5-1615924ea2c0
.upravel.com/ Name: user_id
Value: 15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c
.weborama.com/ Name: wui
Value: 028E0470-029F-46FE-BA3A-ED19EB8AA773
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: 7664a743-0bda-51fd-a287-975ec3bcc230
.betweendigital.com/ Name: ss
Value: 1
.adsniper.ru/ Name: uuid3
Value: IiQyZWIzNDY5Mi0xMjM2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.betweendigital.com/ Name: ut
Value: YTtVbgAD3Eiktv7qZdEdcOe9Xbz01Z4j_X-f9A==
.weborama.fr/ Name: AFFICHE_W
Value: 8N7vJ53ysfXw84
.bumlam.com/ Name: suuid3
Value: IiQyZWIzNDY5Mi0xMjM2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.mts.ru/ Name: mts_id
Value: 67974505-2098-4032-bd6f-e611d9e6fb51
.mts.ru/ Name: mts_id_last_sync
Value: 1631278446
.weborama.com/ Name: wam-sync
Value: ok
.yandex.ru/ Name: yuidss
Value: 8930881881631278443
.tns-counter.ru/ Name: guid
Value: 710F691F613B556EX1631278446
.vk.com/ Name: remixlang
Value: 6
.nativeroll.tv/ Name: cid
Value: 8a7127b2-8ee2-4e1b-8587-80ea2814f29d
.nativeroll.tv/ Name: wdata[social_class]
Value: 0
.nativeroll.tv/ Name: wdata[age]
Value: 0
.nativeroll.tv/ Name: wdata[gender]
Value: 0
.nativeroll.tv/ Name: wdata[expire]
Value: 1631285646
.dmg.digitaltarget.ru/ Name: viuserid
Value: nXyY4Me.7xzL3HR7A70k
.pubmatic.com/ Name: SPugT
Value: 1631278446
.sportradarserving.com/ Name: zuuid
Value: daee4435-3cac-4044-90f3-a4ff574d6235
.sportradarserving.com/ Name: c
Value: 1631278447
.sportradarserving.com/ Name: zuuid_lu
Value: 1631278447
.otm-r.com/ Name: mpid
Value: NjEzYjU1NmYxMjc3NGZiYg==
ask.fm/ Name: freewheel-detected-bandwidth
Value: 424
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.openx.net/ Name: i
Value: 8b958008-79db-0bc3-0f2f-a21b137a5600|1631278448
.openx.net/ Name: v
Value: 1
.openx.net/ Name: pd
Value: v2|1631278448|vN
.adnxs.com/ Name: icu
Value: ChgI_t1aEAoYASABKAEw7KrtiQY4AUABSAEKGAjV03UQChgDIAMoAzDxqu2JBjgDQANIAxDxqu2JBhgD
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1631318400%3A174%7C1633824000%3A232%7C1632441600%3A226_227_235_219_221_201_197
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1631300049270
.audrte.com/ Name: arcki2
Value: ab3HB9Bv9hSQQOPWu6mKVTE2Q!20210804!1631278449611
.audrte.com/ Name: arcki2_TT
Value: 1631278449611!ab3HB9Bv9hSQQOPWu6mKVTE2Q!6c6fe68e-4096-4245-a5f4-4f251c100ba4#446888de-3d50-3270-a3d2-d1c597b89f30#81aca9e9-9f30-479e-86aa-c2fbdc1e9eb2#fa5aaaf9-b174-491a-affc-cc14e5bc6db9#00e6bee3-f3e2-35e7-8433-78054cf29cea!pubmatic
ads.stickyadstv.com/ Name: pxId
Value: 7169

239 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9392.DRlVQv2tvCcoYuAYqLgD9MGYlu0MvEs1YxuYlb54kz8Vq2DNxEwLG7rD77JXV5vwNnkPycrcYvxhMnnZP4OaOA%2C%2C.25mvJuJxrfBT20Kgvo0958xQAN0%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://ask.fm/cactussupply519
Message:
Access to XMLHttpRequest at 'https://i.connectad.io/api/v2' from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
javascript warning URL: https://z.moatads.com/betwayglobalftdisplay906661272790/moatad.js(Line 131)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
javascript warning URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g(Line 649)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g(Line 219)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
network error URL: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://cdn.connectad.io/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://an.yandex.ru/setud/mts_banner/CZ1Y_6f2TO-ePAIc6THfZw?sign=44827410
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://ask.fm/cactussupply519
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzQ1NjZjOWItMTkyYi02YTkwLTQwMTktMzA0YWJkYmZhYjlk' (redirected from 'https://viralize-d.openx.net/v/1.0/av?auid=541171626&url=ask.fm&cb=1631278442&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,') from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzQ1NjZjOWItMTkyYi02YTkwLTQwMTktMzA0YWJkYmZhYjlk
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15a5f0c8-e1ea-4d45-a7b5-2eb5a7990d1c.sync.upravel.com
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
a.vidoomy.com
acdn.adnxs.com
acds.prod.vidible.tv
ad.adriver.ru
ad.lkqd.net
ad.mail.ru
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.aralego.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.smartstream.tv
ads.stickyadstv.com
ads.vidoomy.com
ads.viralize.tv
adx.adform.net
adx.com.ru
ajax.googleapis.com
aktrack.pubmatic.com
am-0.moevideo.biz
an.yandex.ru
ap.lijit.com
api.feedad.com
apps.sascdn.com
ask.fm
aud.pubmatic.com
aws-fr-sync.bidswitch.net
bid.g.doubleclick.net
c.bannerflow.net
c1.adform.net
cdn-ssl.vidible.tv
cdn.connectad.io
cdn.flashtalking.com
cdn.jsdelivr.net
cdn.ravenjs.com
cdn.stickyadstv.com
cdn.viadata.store
cdn01.nativeroll.tv
cdn02.nativeroll.tv
ced-ns.sascdn.com
clientside-video-bidder.rutarget.ru
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cmp.optad360.io
colossalcoat.com
connect.facebook.net
content.adriver.ru
creatives.sascdn.com
cs-0.moevideo.biz
cs.lkqd.net
csync.loopme.me
d3r6ceqp4shltl.cloudfront.net
d5p.de17a.com
d9.flashtalking.com
data.ad-score.com
dis.criteo.com
dm.hybrid.ai
dmg.digitaltarget.ru
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dx.frontend.weborama.com
e6c96af6-8b79-40d9-85b5-1615924ea2c0.mitdmp.whiteboxdigital.ru
eu.sportradarserving.com
exchange.buzzoola.com
gcdn.2mdn.net
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
itx4.smartadserver.com
js-sec.indexww.com
js.ad-score.com
loada.exelator.com
loadm.exelator.com
login.vk.com
logs.viadata.store
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
moe.video
moevideo-sync.rutarget.ru
moevideo.biz
ms.quantumdex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pandg.tapad.com
pghub.io
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pl.viadata.store
playreplay.me
playreplay.net
pm.w55c.net
polyfill.io
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
pub-eu.p.otm-r.com
pubmatic-match.dotomi.com
px.adhigh.net
px.moatads.com
r.mradx.net
r3---sn-4g5lznes.c.2mdn.net
rd.frontend.weborama.fr
rtb-csync.smartadserver.com
rtb-msk-2.viadata.store
rtb.com.ru
rtb.gumgum.com
s.amazon-adsystem.com
s.richaudience.com
s.tribalfusion.com
script.4dex.io
search.spotxchange.com
secure.adnxs.com
secure.flashtalking.com
servedby.flashtalking.com
serving.stat-rock.com
simage2.pubmatic.com
simage4.pubmatic.com
sm.rtb.mts.ru
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.viralize.tv
stats.g.doubleclick.net
stats.seedr.com
statsb.nativeroll.tv
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.upravel.com
sync3.adsniper.ru
t.lkqd.net
tags.adsafety.net
tags.feedad.com
tech.rtb.mts.ru
thesame.tv
trc.taboola.com
trk.vidible.tv
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
v.lkqd.net
viadata.store
vid-io-cle.springserve.com
vid.pubmatic.com
viralize-d.openx.net
visitor.fiftyt.com
vk.com
vpaid.pubmatic.com
vpaid.springserve.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tns-counter.ru
www8.smartadserver.com
x.bidswitch.net
yastatic.net
z.moatads.com
a.audrte.com
ad.mail.ru
aktrack.pubmatic.com
c1.adform.net
cm.g.doubleclick.net
i.connectad.io
match.deepintent.com
moevideo-sync.rutarget.ru
pub-eu.p.otm-r.com
trc.taboola.com
130.211.115.4
138.201.65.68
139.162.141.41
142.250.180.194
142.250.180.226
142.250.184.194
146.185.194.45
146.20.128.118
146.20.132.57
146.20.132.61
147.75.38.124
148.251.129.43
148.251.237.106
151.101.129.108
151.101.194.49
151.139.128.11
157.90.0.13
159.253.128.188
159.65.197.210
162.55.6.211
168.119.79.223
169.197.150.8
178.162.133.149
178.250.0.157
178.250.2.151
18.184.94.176
18.184.95.242
18.185.206.125
18.194.4.26
18.198.126.47
18.198.69.109
184.30.20.198
185.15.175.157
185.180.43.83
185.183.112.148
185.29.134.244
185.33.220.100
185.33.223.178
185.64.189.110
185.64.189.114
185.64.190.75
185.64.190.78
185.64.190.81
185.64.190.87
185.86.137.113
185.86.139.113
185.86.139.59
185.86.139.95
185.94.180.123
185.94.180.126
188.34.131.134
188.42.29.196
192.96.200.41
193.138.77.144
193.232.148.144
195.201.152.105
195.209.108.48
2.21.111.28
2.21.140.103
2.21.141.175
2.21.141.232
2.21.142.210
2.21.143.57
2001:4de0:ac19::1:b:1a
2001:678:cb4:bbbb::11
2001:6d0:4001::226
209.197.3.19
209.54.178.82
213.155.156.184
213.19.147.44
213.87.44.187
216.239.32.21
216.239.34.21
216.52.2.30
217.66.147.165
23.111.115.172
23.111.115.236
23.111.115.244
23.111.119.12
23.111.211.20
23.111.96.36
2600:9000:206f:ce00:11:a4de:2580:93a1
2600:9000:2156:b000:15:6f6c:b180:93a1
2600:9000:21f3:2400:6:b871:4f00:93a1
2600:9000:223d:2600:11:3771:2e40:21
2600:9000:2250:7800:a:deb0:3380:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:37ce
2606:4700:10::6816:387e
2606:4700:20::ac43:4a81
2606:4700::6810:d40
2606:4700::6812:9ca
2606:4700::6812:c05
2606:4700::6812:ea1
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1148:db00::17
2a00:1148:db00::28
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:10::8
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9b
2a00:1450:400d:804::2002
2a02:2638::1c
2a02:26f0:f7::5c7b:e039
2a02:26f0:f7::5c7b:e052
2a02:26f0:f7::5c7b:e064
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:fa8:8806:16::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:200::729
2a04:4e42:600::485
2a04:4e42:800::282
3.12.29.116
3.120.43.188
3.123.90.134
3.124.130.33
3.124.203.132
3.125.100.70
3.126.175.244
3.126.56.137
3.129.250.65
31.172.81.158
31.172.81.160
34.199.172.6
34.98.107.212
35.186.238.232
35.190.16.14
35.201.80.102
35.201.96.126
35.201.96.133
35.210.53.219
35.227.248.159
35.241.40.233
35.241.45.217
35.244.159.8
37.157.4.28
37.157.6.241
37.18.16.16
38.27.122.101
51.210.112.236
51.89.9.253
52.213.94.69
52.215.67.233
52.48.175.241
52.51.242.199
54.36.109.47
54.76.195.222
54.87.192.123
54.93.179.96
63.251.232.170
66.102.1.155
66.155.71.25
76.223.111.131
77.243.60.138
78.140.185.32
80.64.106.150
80.82.217.103
80.82.217.90
81.163.17.245
83.222.114.188
83.229.25.15
83.229.25.205
85.114.159.118
87.240.129.135
87.98.242.60
92.223.103.191
92.223.103.54
92.38.138.38
92.38.138.52
93.186.225.208
94.130.13.220
02548c0d5d0e44fdbda04022816bc25a782bfc9eac622f9a80268ce07283aeb4
0496219c4d90decc6f0606227b85bf80c76a742706b68ba5e8b95900d90e2883
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
059df98f659fccbde359c1692d736de0f72743f2078c710f1e29ad44be7680d7
0666f491ae4559e1f3861052f7443feed7c344699dc225bb3f5c0660e3086915
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
08d5b53b3ae882a846e5c1ca4d5f62b8ac5acdd8ffdffa848d98512fcb3b3196
091e7752097d92c1b923c87ab56a547d190f2bdf0b53ab666622ea1bd45a3d25
09a1035ead5512982d8e543a9f0ca11d44a49f301e105236bd0f32cf6da3e120
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd268b65711e333aa0bfbe06ce8011ce4377fcdee457a2ebb2451a238f17c21
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0e98a1490cb4a4f148652f94a6b15aaf7d7cde4477de13269b307acea894495d
0ea3698701b0651074b610a5c4562603bc7329ebf68c67766d712eedea4b1078
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115d3d222e948b73289c8180d4c821ae08feed8d7c3c62d7abff966e1f890bbb
11d971a0a1debeac970a107b8a5eb5b2825be3e9d5a3aec247ad793431021570
11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389
128927f59836c27c5027834ede82532c33ae2ab29870b536d72594c722c0ab1c
147024f9544ce5c541fdcd66fcf0d59ed116b4a35e69a392e4c1fdfa4ce52994
175220fd96c68c199b07b3e496a9a6ce1fc52d7ba23bf732cacd9a010760c2e2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
199e6b89809978f2e45e44b4b7f75d72f422a36d3a1afd156e159b586659ca92
1b33cdb7b2a268b367f49f834a2b5bc6d51313a4c9f7cf9e1df8882896b8ab8c
1b727c752b1f059280279c183d00428626d0f54d3a26890ce09d4b1694cd264c
1e51fd15944329fa0576ec339cc9071c33ce181e029f486625273f41cc4db361
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
258f64bee111668968010bcbfc6282820dd36a703868d81839c9930dc82d4e1c
288f53c9b416b02149af1d4a1e80a6cb7dd255742206b2ce59b8abce5b21692a
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a4244440a81878c0db4fbd16363fa8ff53cd48eca1b6732d761644a5a4a7120
2b3e1d5cba4096f7f78108316a483c9e5430f15064aa3a2b5694f38d2086362b
2c95edb514059559d1aafd3345ece82176c76390deb4225914c4eafface4c3f5
2cddb299c06219e1bfe0702c0d94c078b7aa61bc97c92a04bf89c1fa155e9aab
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e67989c5380ba38f012f9f1675db3127979fecc75ab124fe7ac9ea11cdebfc7
3005566d549831baab1aa7e940190d69a0ad0b67db5a1fde8059275394b1f151
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
334631bba8f046f05e088386fda836476680cdb8920919dd666879c905e40fba
334b0a97ec6bd9277f5e2e9ccee5c95026a43510900d2b3b3ac8d448c8bdf903
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
370e0116de921e16f8852f8f1d0eae51b271f7a4de8a77764175c3e1b86b176c
37858626df4b108f6213cd262455bc11fbf68be16dfff8cd1832e7f8e342d361
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38477db16d8d2916c639a93c9c8687cdb4688b8b7f22e1f5ab9409e1c5cd592d
3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08
3b8376eddf63b945d89f840821352ab5fabaf4d5a208669f4e83d89d10304ffd
3c50e9629fa1a0f26d8a6a017db615c5fc46af69bf4f2e28f6f5e6b05336289e
3d626c254ca862e8374be3cc114261548526669da9eb4870fc69dee90e38ede8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc6a7704e3c0a1630b299e7c73d9ed7cc97123dd62c76243810a7d234864c2d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392
407837d8c439977d467f0868cc7be102ffbe3e0d354b3375cbf5d60804d98fd7
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
423c811d794e62d7a6aa757c2506f2bc6a35a4184c72729748f99c5376198a89
42761907775a3869fbd2b51a15a5bf53e8b3204e799a708a505f97b6b740ba97
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42f3c743155b5fd69a1b27ce2847c0e90aabf80ae3936128eb73efc6d0ac567b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259
4455b1dcc6d914ad05ce4909da51de19f20cd99020ff20e98ab5fea35a29db0a
45e26bc5da21ffd6603e788a61f81e9af4bc6325ccb3fbbca6ba93bbce5d8668
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999
46f44bc65b39c9abfdeac3908a0aeaf4118ac1b43256b7b29dbb996b7b449651
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47f24e87af9697fea839c98bb060789be65892c3c6500632d5db312590400344
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c33b33cdeacf996983db545e89f5f538054ceb4d79fd6146de71617499531ac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
509070ee93b08f5ec7865ee339406bd8174c8fd99d022816ca3e402efda3af69
516b4bcf4244158d2b9202b7a651449f63b872ce077edd78f4ddfa75cb9e0480
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
52f714c3f78011bc97493a37219e75e9edf220b7e9de5e7c3f40d6644c7a3232
548d56f93a6178c16825a79ab897b01652aca5b1bda32c07c6d7ba550b13aeab
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660
565bd5f2e2d7b6d0a1b09aa15b5dfa0068964dea3ed52df5c26bcfd3bd80e813
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
577c219be707f0fd68f4bf96b12882451f14f01164d2c541a52db2caa810ebf9
5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48
5da3d8e938d51ef849cb42e373bc457290295e50f4aa99e5aa052a5217a80d3e
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61732724ef457a86cb694449dcd434f954d42a2b50d873a96745f1a7ebac7aca
6243d76b5b5b75e0fdec055242a5c57611b00947964c66c498e90dedb47fbdba
63582b8fe0af6580586ed638be0835a41027e5c5ffa17c2fd4bb02cb61e686d8
64287b4c9a2645226cada97f6bbacf523f0a96db01c234df59b58c8b1e8367fa
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65a2eb9deba177f53298f62274f596b2696bd46efaa57c3e2773a6b050d3001d
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67eab82c51941ed21bedc57e9863fadaa5dbe7594a0768fb4fc1ccc77691ce24
690ffda50762909fb778e25be1d99cd8e908476dfb993c3ecee01f25c4de2236
69e3258adb0cfbaf3d21dad95123c507ee6e454fdfbff855c638f98580278976
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc8c146f3da715000ddeb953d7a5282de42d25de607c6c18322cb6e09b54a73
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6cf6ab2c1c2e716672d1b3cca8888126ac52b19614d274e176f70dd0435ba20d
6d66ebb4c93a117d8bc17d3b5ba546f5327ababb380162ea67af3078e2362540
6dc1b3097165b12adf713a2382ddfffd7dfb8578967c542f139adf05b2caab2e
6f7cdeefc6f0b83e3057ace9d1096ba993a928c20e86da0cd0bde0fb6d11bec2
71b1d7746d906f8d74defa720321a3c2974aae74ab8b08960981fd3ce9512f20
72accd331f232e69d6be6c9756655c5b829a72bf67ffc7ca6b345f4478cb3d4e
74688e92426ddb650bba0472605a3a138e7c4f21dcc33852ec8757523781aca7
7553f5b5cc17641ff872bf561755e809968ed8906babeb31ef44824f742a8b9b
7568bf67bec31079e13d3eea3a735e7cf5179c15d6deb65822ce6c9bd23df350
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81
768c16c38e24ee434972f0a5d9d0ab96858930b836970b5c54b4f0e15089673c
781883b06058dc10a84cffc8c3277564d84dab240543b26c410ebaf6c03c3307
78311911d14b21b090d929eaf97df372e3bf1c3d94109a39d017acb54e478265
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
79902b0180a228985c5f89c1ee05083861390e437de9600b3756c8edc32833c9
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7cb4560c15852d4f239dbe2b2fb095b3e1dcd15086b7a4307d42ae1e6c20c139
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f
7db6f55ad0876e2e00b75bc9c0a1f844cb9f6535a51526fad76357a57ac82a22
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
81e882f9dcaa9b198ce6f04005a11caec7d8b7a10d14a6ebe223b0135193cc4e
82da2ddb7612ff4bffd6abc5f89684ffac5604f451f128d35f1ddbba5f2e20b4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8460b4f10c0219a59879bf83173bfd29af1a3df5405a91dc88f653495022fe77
846b194e92a819c14244a0293f1e3c0b135d1f942db64462258dc669f695b29f
853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e56feedb34afeedfeddc229f65dd7216d5ec9abd08f278d648668f79c890485
8e8714dca189afb03bad5e501043094e5133b987bc22126b5ab5ed1d76db3a9e
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528
96bf34be96152a1e9b30121f463904332e2ee264399170c25749b5ba8a562443
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
9811c1becea5c0c134342f37f302f4362f781675ae5e131f45e8a5434a97d2d6
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10d306265feb9fd46afe61797ff3eb234550e49d93624d80212d4761296ce1b
a1dd11385bf9a9e2e67c1107000d9e30010e95da3ef8b8c29b1b5c5071546595
a2fa359af410cfec360147b04e6802bcc6107bc9ce6ed1d012efa10f5fa8efb0
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a357241d63b459f58c556fe32697a5f0177da218e7000876aafd670c62268f42
a44920e93409809816128ce5f7e1fe98a32144f7b335389730192bb2f42c4233
a566ae2a1e7934ac507ab1f3f7b34f7f7d4a2ecf6463c98cb1b2305e8efb19f1
a59e8d8491b501831dd2cb45a4ef16eb2aa3c8c52a80d185d39e257917472bd7
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c
a8d9b7d4230d33c693d11ebca3f0a5caaa527ba7718cf6fc761dd14b595bb84c
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa051735a4be53eec3f734962cf3773b0e65adb8238b76f32df8e377ad090258
aa1cfed1a9a07ce73fe93c1ba6d474db5fb4dc2081f8bd94444be5204e632d60
ac2ad6c17aac6e0ffc07c191a0c713205c18daf70856307c1a72fbed3858889a
ac2b85ac1f278e16f50127dc46574bef15d731608a21d5eeeb7fea8813599270
aea958fc561b6df4a36ba723c33b7ed895f0e6940d927bc5c1e127ee900a04a1
b04e63db4ab9aef3c7ec9013344a95f80daaeb8616d368420a28266b6920659f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21e8894208f8d634fc7efcad5afa5d3bef4a18a9525d01392cddb6b808691c1
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7eadcc5361f1c0638361ecc69600378ddf67317d10d85c1b130f6131f4237b4
b813529904299f779a45fa707fdc40c9e883fc265bc18e93f7924281398a4d11
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c
ba035cdbd3f36ad13f51ae65d8936311e46cd3f9cf65684892f6b1f05401aa06
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd204debaaee1468075efbf39237f0e7e60da7ae5c1130a0eace92b59f578585
befa7b6730402428d9818130a434450cbc8feed9777728920c535ff7a919b419
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c
c536d9de2223f68dd48610fe844fed3a35e19fb8a3a9ca312d3501ba8d025feb
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545
c896be5d2c0d966335fe713e1c71bde42735d11e973928fd8d1d227d79e37432
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0165ea38eefd4aa76c3a73da6883fd35da178df94d52018b34ecb1ccb068b74
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0d2b70ff09df898f2652af487149d55391a4088ad738ad9f69286ef5e734811
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792
d2b26ee086bef66c17fd068e44724bc22acfb82466cb4071b8b1faa0939e4f14
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d4ff888b43d9e7a2a2ef1c2ce7a973090ca8d7351579d0286cb0562e53fb916c
d5619551e2524d1359a848586c661da0966af70c18495b796b7ca40574aa0266
d78e7008d6b900d8ff1c355abd68632ce04be4555cdbc8c25a8db0fe8b31aea0
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383
df756ad891a20ccedd6cb854a1cce4d94a32006a5ed8381f4f5dfa1bfd697fe4
dfd04b7872d9287e3400f1a62b8db0750dc5ea0f72688717d2f0e6a88194a5e1
e05a9c906ef14102784da5bdd5bb9d7d22471c7bf4ba1a052cbd92a3d6c1156c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4370fd4649973fb1f998692a2c3e5f3f3953d8e46c9d890071b5c461c33a1f9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7f130df0cb6821e807fb8ae97edf4972151abb6243318e9a246757269281028
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
ebdc6a7c4fd5eaa143fe24ef24bc78c019601191a3a8673835a79752145cd7cb
ed16e1f9f8ee4b45970f8af91c65e1ef9434319912b06a0fc3471edddae3d062
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f050c9ec734121a1688a36225b4b5b05eb5337504cc07f7d6869654933345e67
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f217209876e61d74a3304e84b36ac1fe67d5c617bb325bc97f3979c883eb4d36
f241f634c67fb384bc28e2ad5bd96f4879ff34bc1e8865bb6f2393125c5ef70f
f357c45123b16f4074266500339d3378c68262dbaed2b47cc024711213c01db6
f3fafca59b5a72fc80705bde3833c0f0b3a77d7bd0d30bc9d8f36a05fc0815cc
f40b905db28a7e80d8dfff3d9814bba89fe2760ecc06035942ec58591c0de8d2
f54c990487997ac95dbe90a5f99f2898ca94045be6648a40f970d5aeb61246cc
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f7cb20644decb7967fa72d80cabc2106453cfe6b816be9669daf62055d7e7794
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f8b8ff4df6547225dca1d2d21c7ae4e4f96f0163825fa6029b183e068bb1ece6
f8dff73ef2b801a62e76e263b475f587f925897c48a178d7a6f7516e840247ff
f9b1f42d0a9b100d27138d26ebcacaff27ec31f617b67a209bfe8a3362124d54
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd43f942f86285972e1a851578ace2d1fa6076aa6dea6f6067e7f523779743f5
fe08c3a5fd2d4a0c5a4f33864bbb3bddc095f87d1aba54a588163f3370b33ff4