urlscan.io logo urlscan.io
SecurityTrails logo

ask.fm Open in urlscan Pro
193.138.77.140  Public Scan

Go To Rescan Add Verdict Report
URL: https://ask.fm/spadebook33
Submission: On September 10 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 143 IPs in 15 countries across 127 domains to perform 632 HTTP transactions. The main IP is 193.138.77.140, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 30th 2020. Valid for: a year.
This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 193.138.77.140 395754 (ASK-FM)
6 2600:9000:20e... 16509 (AMAZON-02)
1 3.129.250.65 16509 (AMAZON-02)
3 35.201.96.133 15169 (GOOGLE)
3 16 2a02:6b8::1:119 208722 (YNDX)
20 2600:9000:218... 16509 (AMAZON-02)
5 2600:9000:211... 16509 (AMAZON-02)
1 52.49.37.161 16509 (AMAZON-02)
16 151.139.128.11 20446 (HIGHWINDS3)
3 3 66.155.71.150 13768 (COGECO-PEER1)
3 18.158.22.228 16509 (AMAZON-02)
10 10 18.198.117.246 16509 (AMAZON-02)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
5 6 213.19.147.44 26120 (RHYTHMONE)
5 6 13.248.242.197 16509 (AMAZON-02)
2 2 213.19.147.45 26120 (RHYTHMONE)
3 9 23.40.113.157 16625 (AKAMAI-AS)
18 146.20.132.184 27357 (RACKSPACE)
40 146.20.132.134 27357 (RACKSPACE)
9 9 2001:678:cb4:... 56396 (AMOBEE)
35 146.20.132.63 27357 (RACKSPACE)
2 2a03:2880:f03... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
2 2600:9000:211... 16509 (AMAZON-02)
2 23.111.211.20 7979 (SERVERS-COM)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f13... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
15 37.157.4.40 198622 (ADFORM)
4 185.94.180.123 35220 (SPOTX-AMS)
6 19 18.195.69.184 16509 (AMAZON-02)
14 92.122.149.47 16625 (AKAMAI-AS)
4 23.111.115.92 7979 (SERVERS-COM)
3 23.111.115.244 7979 (SERVERS-COM)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2a04:4e42::485 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.250.0.157 44788 (ASN-CRITE...)
5 13 185.33.221.90 29990 (ASN-APPNEX)
1 185.86.139.58 201081 (SMARTADSE...)
6 147.75.38.124 54825 (PACKET)
1 104.120.60.249 16625 (AKAMAI-AS)
5 51.89.9.251 16276 (OVH)
1 8 35.244.159.8 15169 (GOOGLE)
2 23.111.119.12 7979 (SERVERS-COM)
3 185.64.190.78 62713 (AS-PUBMATIC)
5 7 37.157.4.24 198622 (ADFORM)
2 2 213.155.156.182 1299 (TELIANET ...)
1 8 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
15 185.64.190.80 62713 (AS-PUBMATIC)
4 4 34.252.144.15 16509 (AMAZON-02)
8 10 142.250.178.130 15169 (GOOGLE)
1 1 198.148.27.140 19189 (PULSEPOINT)
2 185.86.138.142 201081 (SMARTADSE...)
1 1 162.55.6.212 24940 (HETZNER-AS)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 1 94.23.73.243 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a04:4e42:200... 54113 (FASTLY)
1 151.101.193.44 54113 (FASTLY)
1 38.91.45.7 398989 (DEEPINTENT)
3 3 185.29.134.244 30419 (MEDIAMATH...)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 2 169.50.137.190 36351 (SOFTLAYER)
4 4 18.156.0.31 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 3 151.101.194.49 54113 (FASTLY)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.98.107.212 15169 (GOOGLE)
1 3 37.252.172.38 29990 (ASN-APPNEX)
1 1 34.254.122.11 16509 (AMAZON-02)
2 80.64.106.152 20764 (RASCOM-AS...)
3 23.111.115.236 7979 (SERVERS-COM)
5 195.209.108.39 52007 (ADRIVER-AS)
39 35.186.238.232 15169 (GOOGLE)
11 92.38.138.105 199524 (GCORE)
1 3 188.34.131.130 24940 (HETZNER-AS)
2 192.96.200.41 30633 (LEASEWEB-...)
1 2 185.15.175.132 43226 (SAFEDATA ...)
1 3 37.157.4.29 198622 (ADFORM)
1 185.94.180.125 35220 (SPOTX-AMS)
3 185.64.190.75 62713 (AS-PUBMATIC)
1 2a02:26f0:d9:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:d9:... 20940 (AKAMAI-ASN1)
1 5 18.185.205.93 16509 (AMAZON-02)
1 185.86.139.96 201081 (SMARTADSE...)
1 1 3.69.77.40 16509 (AMAZON-02)
1 1 3.120.43.188 16509 (AMAZON-02)
3 23.40.112.228 16625 (AKAMAI-AS)
1 216.239.34.21 15169 (GOOGLE)
1 2 34.120.25.144 15169 (GOOGLE)
1 216.239.32.21 15169 (GOOGLE)
2 209.197.3.19 20446 (HIGHWINDS3)
1 205.185.216.10 20446 (HIGHWINDS3)
4 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a02:6b8::90 208722 (YNDX)
3 34.249.65.165 16509 (AMAZON-02)
18 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:218... 16509 (AMAZON-02)
9 92.122.150.58 16625 (AKAMAI-AS)
2 23.40.112.51 16625 (AKAMAI-AS)
1 162.55.233.28 24940 (HETZNER-AS)
4 185.86.137.17 201081 (SMARTADSE...)
1 3 18.198.126.47 16509 (AMAZON-02)
1 35.241.45.217 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.227.248.159 15169 (GOOGLE)
7 130.211.115.4 15169 (GOOGLE)
5 2a02:6b8:20::215 208722 (YNDX)
2 54.76.92.25 16509 (AMAZON-02)
2 157.90.0.13 24940 (HETZNER-AS)
8 92.223.106.12 199524 (GCORE)
1 92.223.103.67 199524 (GCORE)
5 92.38.138.145 199524 (GCORE)
1 92.223.103.58 199524 (GCORE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 3 209.54.178.82 16509 (AMAZON-02)
2 2a02:26f0:d9:... 20940 (AKAMAI-ASN1)
8 95.217.114.174 24940 (HETZNER-AS)
4 92.223.103.116 199524 (GCORE)
28 2a00:1148:db0... 47764 (MAILRU-AS...)
2 23.111.96.52 7979 (SERVERS-COM)
1 1 3.66.135.160 16509 (AMAZON-02)
1 38.27.122.101 174 (COGENT-174)
1 1 52.44.220.233 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 52.71.206.53 14618 (AMAZON-AES)
1 74.125.206.156 15169 (GOOGLE)
2 146.185.194.45 50340 (SELECTEL-MSK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1148:db0... 47764 (MAILRU-AS...)
10 2a03:90c0:1d1... 199524 (GCORE)
1 1 80.64.106.149 ()
1 37.18.16.21 205675 (HYBRID-AS)
1 2 193.232.148.151 ()
4 5 31.172.81.159 44066 (DE-FIRSTC...)
2 2 81.163.17.245 ()
1 1 138.201.34.238 24940 (HETZNER-AS)
2 2 148.251.236.115 24940 (HETZNER-AS)
1 1 148.251.129.43 ()
2 2 217.66.147.170 ()
1 1 213.87.44.187 ()
1 195.201.152.110 24940 (HETZNER-AS)
1 83.222.114.186 ()
2 3 35.201.80.102 ()
1 1 35.190.16.14 ()
1 34.98.67.61 15169 (GOOGLE)
1 1 178.62.202.251 ()
1 1 80.82.217.93 ()
2 3 80.82.217.103 ()
1 1 51.77.65.176 ()
1 11 2606:4700:10:... ()
3 11 92.122.149.105 ()
2 92.122.149.30 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 216.52.2.48 ()
3 3 18.184.95.242 16509 (AMAZON-02)
1 142.250.75.226 ()
1 3 2001:6d0:4001... ()
2 87.240.139.194 ()
1 2 141.95.34.105 ()
1 1 35.158.223.21 ()
2 178.162.133.149 ()
4 185.180.43.83 ()
1 1 185.183.112.155 ()
1 1 52.44.213.11 ()
2 87.240.129.135 ()
1 2 3.213.248.174 ()
2 159.69.72.5 ()
6 3.124.203.132 ()
632 143
1    193.138.77.140 (Latvia)

ASN395754 (ASK-FM, US)
ask.fm
6    2600:9000:20e1:c200:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)
d3r6ceqp4shltl.cloudfront.net
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
3    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
colossalcoat.com
16    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
20    2600:9000:218d:3600:13:811c:e440:21 (United States)

ASN16509 (AMAZON-02, US)
d16vsmxl4d5tw1.cloudfront.net
5    2600:9000:2117:b400:c:d85b:b300:21 (United States)

ASN16509 (AMAZON-02, US)
dbq8hrmshvuto.cloudfront.net
1    52.49.37.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
16    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
3    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    18.158.22.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
a.vidoomy.com
10    18.198.117.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-117-246.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
6    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
6    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
9    23.40.113.157 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-113-157.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
18    146.20.132.184 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
40    146.20.132.134 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
9    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
35    146.20.132.63 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
2    2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4007:81a::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:219c:fc00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:2113:da00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
2    23.111.211.20 (Russian Federation)

ASN7979 (SERVERS-COM, US)
viadata.store
6    2a00:1450:4007:80f::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
15    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
4    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
19    18.195.69.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
14    92.122.149.47 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-149-47.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
4    23.111.115.92 (Russian Federation)

ASN7979 (SERVERS-COM, US)
cdn.viadata.store
3    23.111.115.244 (Russian Federation)

ASN7979 (SERVERS-COM, US)
logs.viadata.store
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700::6812:fa1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
13    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
6    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    104.120.60.249 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a104-120-60-249.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
5    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
vidoomy-d.openx.net
viralize-d.openx.net
2    23.111.119.12 (Russian Federation)

ASN7979 (SERVERS-COM, US)
pl.viadata.store
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.182 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
15    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    34.252.144.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-144-15.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
10    142.250.178.130 (United States)

ASN15169 (GOOGLE, US)
PTR: par21s22-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
googleads.g.doubleclick.net
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    94.23.73.243 (Lisbon, Portugal)

ASN16276 (OVH, FR)
PTR: ip243.ip-94-23-73.eu
green.erne.co
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
3    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
2    80.64.106.152 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr7.rutarget.ru
clientside-video-bidder.rutarget.ru
3    23.111.115.236 (Russian Federation)

ASN7979 (SERVERS-COM, US)
rtb-msk-2.viadata.store
5    195.209.108.39 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
39    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
11    92.38.138.105 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f12.moevideo.net
moevideo.biz
3    188.34.131.130 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.130.131.34.188.clients.your-server.de
adx.com.ru
2    192.96.200.41 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
2    185.15.175.132 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
3    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
1    2a02:26f0:d9::58dd:3012 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    2a02:26f0:d9::58dd:3049 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
apps.sascdn.com
5    18.185.205.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-205-93.eu-central-1.compute.amazonaws.com
eu.sportradarserving.com
1    185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)
itx4.smartadserver.com
1    3.69.77.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-77-40.eu-central-1.compute.amazonaws.com
aws-fr-sync.bidswitch.net
1    3.120.43.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-43-188.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
3    23.40.112.228 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-112-228.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
1    216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net
tags.feedad.com
2    34.120.25.144 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 144.25.120.34.bc.googleusercontent.com
public-prod-dspcookiematching.dmxleo.com
1    216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net
api.feedad.com
2    209.197.3.19 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
1    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
cdn.flashtalking.com
4    2606:4700::6812:8ca (United States)

ASN13335 (CLOUDFLARENET, US)
static.viralize.tv
5    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
3    34.249.65.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-65-165.eu-west-1.compute.amazonaws.com
d9.flashtalking.com
18    2606:4700::6810:d40 (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    2600:9000:218d:6800:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
9    92.122.150.58 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-150-58.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    23.40.112.51 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-112-51.deploy.static.akamaitechnologies.com
secure.flashtalking.com
1    162.55.233.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.233.55.162.clients.your-server.de
sync.richaudience.com
4    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
3    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadus.exelator.com
loadm.exelator.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
2    2a00:1450:4007:80a::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:4007:805::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pandg.tapad.com
pixel.tapad.com
7    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
5    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
2    54.76.92.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-92-25.eu-west-1.compute.amazonaws.com
ice.360yield.com
2    157.90.0.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.0.90.157.clients.your-server.de
s.richaudience.com
8    92.223.106.12 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f41.moevideo.net
playreplay.me
moe.video
1    92.223.103.67 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f52.moevideo.net
thesame.tv
5    92.38.138.145 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f49.moevideo.net
cs-0.moevideo.biz
1    92.223.103.58 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f43.moevideo.net
playreplay.net
2    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
3    209.54.178.82 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2a02:26f0:d9::58dd:305b (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sascdn.com
8    95.217.114.174 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: ap10.adplayer.pro
serving.stat-rock.com
4    92.223.103.116 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f54.moevideo.net
am-0.moevideo.biz
28    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
2    23.111.96.52 (Russian Federation)

ASN7979 (SERVERS-COM, US)
content.adriver.ru
1    3.66.135.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-135-160.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    52.44.220.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-220-233.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    52.71.206.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-206-53.compute-1.amazonaws.com
sync.ipredictive.com
1    74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net
bid.g.doubleclick.net
2    146.185.194.45 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: host45.seedr.ru
stats.seedr.com
1    2a00:1450:4007:809::200e (Ireland)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:10::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5lznes.c.2mdn.net
2    2a00:1148:db00::28 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
r.mradx.net
10    2a03:90c0:1d1:2801::14 (Paris, France)

ASN199524 (GCORE, LU)
cdn01.nativeroll.tv
cdn02.nativeroll.tv
1    80.64.106.149 (None, )

ASN- ()
moevideo-sync.rutarget.ru
1    37.18.16.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    193.232.148.151 (None, )

ASN- ()
px.adhigh.net
5    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
sync3.adsniper.ru
2    81.163.17.245 (None, )

ASN- ()
mitdmp.whiteboxdigital.ru
e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8.mitdmp.whiteboxdigital.ru
1    138.201.34.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.34.201.138.clients.your-server.de
exchange.buzzoola.com
2    148.251.236.115 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-5.community.moscow
sync.upravel.com
1    148.251.129.43 (None, )

ASN- ()
9a7eb090-76c1-4547-a6f7-d6139ca6932c.sync.upravel.com
2    217.66.147.170 (None, )

ASN- ()
sm.rtb.mts.ru
1    213.87.44.187 (None, )

ASN- ()
tech.rtb.mts.ru
1    195.201.152.110 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.110.152.201.195.clients.your-server.de
sync.dmp.otm-r.com
1    83.222.114.186 (None, )

ASN- ()
rtb.com.ru
3    35.201.80.102 (None, )

ASN- ()
dx.frontend.weborama.com
1    35.190.16.14 (None, )

ASN- ()
rd.frontend.weborama.fr
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    178.62.202.251 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    80.82.217.93 (None, )

ASN- ()
ads.smartstream.tv
3    80.82.217.103 (None, )

ASN- ()
cm.adsafety.net
1    51.77.65.176 (None, )

ASN- ()
tags.adsafety.net
11    2606:4700:10::6816:397e (None, )

ASN- ()
sync.quantumdex.io
ms.quantumdex.io
11    92.122.149.105 (None, )

ASN- ()
js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    92.122.149.30 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-149-30.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
3    216.52.2.48 (None, )

ASN- ()
ap.lijit.com
3    18.184.95.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-95-242.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    142.250.75.226 (None, )

ASN- ()
ade.googlesyndication.com
3    2001:6d0:4001::226 (None, )

ASN- ()
www.tns-counter.ru
2    87.240.139.194 (None, )

ASN- ()
vk.com
2    141.95.34.105 (None, )

ASN- ()
id5-sync.com
1    35.158.223.21 (None, )

ASN- ()
match.sharethrough.com
2    178.162.133.149 (None, )

ASN- ()
sync.go.sonobi.com
4    185.180.43.83 (None, )

ASN- ()
statsb.nativeroll.tv
1    185.183.112.155 (None, )

ASN- ()
sync.adotmob.com
1    52.44.213.11 (None, )

ASN- ()
nep.advangelists.com
2    87.240.129.135 (None, )

ASN- ()
login.vk.com
2    3.213.248.174 (None, )

ASN- ()
a.audrte.com
2    159.69.72.5 (None, )

ASN- ()
pub-eu.p.otm-r.com
6    3.124.203.132 (None, )

ASN- ()
ads-eu.v.ssp.yahoo.com
Apex Domain
Subdomains		 Transfer
109 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net
496 KB
49 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
aud.pubmatic.com
229 KB
43 viralize.tv
ads.viralize.tv
static.viralize.tv
477 KB
31 cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d16vsmxl4d5tw1.cloudfront.net
dbq8hrmshvuto.cloudfront.net
725 KB
28 mail.ru
ad.mail.ru
12 KB
25 adform.net
adx.adform.net
c1.adform.net
cm.adform.net
17 KB
22 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
14 KB
20 moevideo.biz
moevideo.biz
cs-0.moevideo.biz
am-0.moevideo.biz
1 MB
18 bannerflow.net
c.bannerflow.net
161 KB
18 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
54 KB
14 nativeroll.tv
cdn01.nativeroll.tv
cdn02.nativeroll.tv
statsb.nativeroll.tv
303 KB
14 viadata.store
viadata.store
cdn.viadata.store
logs.viadata.store
pl.viadata.store
rtb-msk-2.viadata.store
181 KB
14 yandex.com
mc.yandex.com
3 KB
12 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net Failed
bid.g.doubleclick.net
googleads4.g.doubleclick.net
googleads.g.doubleclick.net
7 KB
12 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads-eu.v.ssp.yahoo.com
8 KB
11 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
11 KB
11 quantumdex.io
useast.quantumdex.io Failed
sync.quantumdex.io
ms.quantumdex.io
2 KB
11 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
144 KB
11 bidswitch.net
x.bidswitch.net
aws-fr-sync.bidswitch.net
3 KB
9 moatads.com
z.moatads.com
px.moatads.com
103 KB
9 turn.com
ad.turn.com
4 KB
8 stat-rock.com
serving.stat-rock.com
98 KB
8 ad-score.com
js.ad-score.com
data.ad-score.com
152 KB
8 flashtalking.com
servedby.flashtalking.com
cdn.flashtalking.com
d9.flashtalking.com
secure.flashtalking.com
40 KB
8 openx.net
vidoomy-d.openx.net
viralize-d.openx.net
2 KB
8 smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
itx4.smartadserver.com
www8.smartadserver.com
8 KB
7 moe.video
moe.video
47 KB
7 adriver.ru
ad.adriver.ru
content.adriver.ru
33 KB
7 yandex.ru
mc.yandex.ru
an.yandex.ru
227 KB
6 sportradarserving.com
eu.sportradarserving.com
a.sportradarserving.com
12 KB
6 a-mo.net
prebid.a-mo.net
1 KB
6 google-analytics.com
www.google-analytics.com
97 KB
6 adsrvr.org
match.adsrvr.org
3 KB
6 1rx.io
sync.1rx.io
4 KB
5 yastatic.net
yastatic.net
296 KB
5 onetag-sys.com
onetag-sys.com
3 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
5 spotxchange.com
search.spotxchange.com
sync.search.spotxchange.com
6 KB
4 vk.com
vk.com
login.vk.com
45 KB
4 adsafety.net
cm.adsafety.net
tags.adsafety.net
7 KB
4 polyfill.io
polyfill.io
1002 B
4 googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
306 KB
4 sascdn.com
ced-ns.sascdn.com
apps.sascdn.com
creatives.sascdn.com
12 KB
4 com.ru
adx.com.ru
rtb.com.ru
1 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
6 KB
3 tns-counter.ru
www.tns-counter.ru
1 KB
3 lijit.com
ap.lijit.com
2 KB
3 weborama.com
dx.frontend.weborama.com
926 B
3 otm-r.com
sync.dmp.otm-r.com
pub-eu.p.otm-r.com
774 B
3 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
2 KB
3 upravel.com
sync.upravel.com
9a7eb090-76c1-4547-a6f7-d6139ca6932c.sync.upravel.com
2 KB
3 bumlam.com
sync.bumlam.com
2 KB
3 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
3 exelator.com
loadus.exelator.com
loadm.exelator.com
2 KB
3 richaudience.com
sync.richaudience.com
s.richaudience.com
2 KB
3 rutarget.ru
clientside-video-bidder.rutarget.ru
moevideo-sync.rutarget.ru
1 KB
3 everesttech.net
sync-tm.everesttech.net
1003 B
3 mathtag.com
sync.mathtag.com
2 KB
3 optad360.io
cmp.optad360.io
get.optad360.io
225 KB
3 sitescout.com
pixel-sync.sitescout.com
884 B
3 colossalcoat.com
colossalcoat.com
30 KB
2 audrte.com
a.audrte.com
2 KB
2 sonobi.com
sync.go.sonobi.com
1 KB
2 id5-sync.com
id5-sync.com
3 KB
2 whiteboxdigital.ru
mitdmp.whiteboxdigital.ru
e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8.mitdmp.whiteboxdigital.ru
2 KB
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 adhigh.net
px.adhigh.net
746 B
2 mradx.net
r.mradx.net
113 KB
2 2mdn.net
gcdn.2mdn.net
r3---sn-4g5lznes.c.2mdn.net
2 MB
2 seedr.com
stats.seedr.com
2 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 360yield.com
ice.360yield.com
672 B
2 tapad.com
pandg.tapad.com
pixel.tapad.com
1 KB
2 ravenjs.com
cdn.ravenjs.com
19 KB
2 dmxleo.com
public-prod-dspcookiematching.dmxleo.com
305 B
2 feedad.com
tags.feedad.com
api.feedad.com
626 B
2 digitaltarget.ru
dmg.digitaltarget.ru
1 KB
2 aralego.com
ads.aralego.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
653 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 4dex.io
script.4dex.io
22 KB
2 facebook.net
connect.facebook.net
68 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1016 B
1 advangelists.com
nep.advangelists.com
233 B
1 adotmob.com
sync.adotmob.com
689 B
1 sharethrough.com
match.sharethrough.com
241 B
1 googlesyndication.com
ade.googlesyndication.com
515 B
1 indexww.com
js-sec.indexww.com
1 KB
1 smartstream.tv
ads.smartstream.tv
823 B
1 mookie1.com
odr.mookie1.com
324 B
1 weborama.fr
rd.frontend.weborama.fr
383 B
1 buzzoola.com
exchange.buzzoola.com
176 B
1 hybrid.ai
dm.hybrid.ai
238 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 stackadapt.com
sync.srv.stackadapt.com
649 B
1 bnmla.com
match.bnmla.com
114 B
1 w55c.net
pm.w55c.net
904 B
1 playreplay.net
playreplay.net
332 B
1 thesame.tv
thesame.tv
332 B
1 playreplay.me
playreplay.me
332 B
1 pghub.io
pghub.io
2 KB
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
489 B
1 bidtheatre.com
match.adsby.bidtheatre.com Failed
493 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 quantserve.com
pixel.quantserve.com
542 B
1 deepintent.com
match.deepintent.com
44 B
1 ad4m.at
ad4m.at
974 B
1 erne.co
green.erne.co
327 B
1 adgrx.com
cm.adgrx.com
408 B
1 rfihub.com
p.rfihub.com
784 B
1 loopme.me
csync.loopme.me
217 B
1 contextweb.com
bh.contextweb.com
488 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 connectad.io
i.connectad.io Failed
cdn.connectad.io
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 facebook.com
www.facebook.com
313 B
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 adsafeprotected.com
static.adsafeprotected.com
259 B
1 ask.fm
ask.fm
14 KB
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 onaudience.com Failed
pixel.onaudience.com Failed
632 127
Domain Requested by
40 cs.lkqd.net ad.lkqd.net
39 ads.viralize.tv ask.fm
static.viralize.tv
cdn.ravenjs.com
35 t.lkqd.net ad.lkqd.net
28 ad.mail.ru moevideo.biz
r.mradx.net
20 d16vsmxl4d5tw1.cloudfront.net ask.fm
19 ads.adaptv.advertising.com 6 redirects ad.lkqd.net
18 c.bannerflow.net cdn.flashtalking.com
c.bannerflow.net
18 v.lkqd.net ad.lkqd.net
16 ad.lkqd.net ask.fm
ad.lkqd.net
15 simage2.pubmatic.com ads.pubmatic.com
15 adx.adform.net ad.lkqd.net
get.optad360.io
cdn.ravenjs.com
14 mc.yandex.com 2 redirects ask.fm
mc.yandex.ru
13 ib.adnxs.com 5 redirects get.optad360.io
acdn.adnxs.com
11 moevideo.biz ask.fm
moevideo.biz
10 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
10 x.bidswitch.net 10 redirects
9 ad.turn.com 9 redirects
9 ads.stickyadstv.com 3 redirects ask.fm
cdn.ravenjs.com
ad.lkqd.net
cdn.stickyadstv.com
8 serving.stat-rock.com get.optad360.io
8 px.moatads.com eu.sportradarserving.com
8 image2.pubmatic.com 1 redirects ads.pubmatic.com
8 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
sync.quantumdex.io
8 cm.g.doubleclick.net
7 moe.video moevideo.biz
7 data.ad-score.com js.ad-score.com
7 c1.adform.net 5 redirects ads.pubmatic.com
6 ads-eu.v.ssp.yahoo.com
6 cdn01.nativeroll.tv moevideo.biz
cdn01.nativeroll.tv
6 vidoomy-d.openx.net 1 redirects ad.lkqd.net
6 prebid.a-mo.net get.optad360.io
6 vpaid.pubmatic.com ad.lkqd.net
cdn.ravenjs.com
static.viralize.tv
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
moevideo.biz
cdn01.nativeroll.tv
6 match.adsrvr.org 5 redirects ssum-sec.casalemedia.com
6 sync.1rx.io 5 redirects sync.quantumdex.io
6 d3r6ceqp4shltl.cloudfront.net ask.fm
d3r6ceqp4shltl.cloudfront.net
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 cs-0.moevideo.biz moevideo.biz
5 yastatic.net an.yandex.ru
5 an.yandex.ru ask.fm
an.yandex.ru
5 eu.sportradarserving.com 1 redirects ced-ns.sascdn.com
eu.sportradarserving.com
5 ad.adriver.ru ask.fm
content.adriver.ru
5 onetag-sys.com get.optad360.io
sync.quantumdex.io
5 dbq8hrmshvuto.cloudfront.net ask.fm
4 statsb.nativeroll.tv cdn01.nativeroll.tv
4 cdn02.nativeroll.tv cdn01.nativeroll.tv
4 am-0.moevideo.biz moevideo.biz
4 polyfill.io static.viralize.tv
ask.fm
4 www8.smartadserver.com ask.fm
cdn.ravenjs.com
4 static.viralize.tv ask.fm
static.viralize.tv
4 ups.analytics.yahoo.com 4 redirects
4 match.prod.bidr.io 4 redirects
4 cdn.viadata.store ask.fm
cdn.viadata.store
4 search.spotxchange.com ad.lkqd.net
cdn.ravenjs.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
sync.quantumdex.io
ssum-sec.casalemedia.com
3 www.tns-counter.ru 1 redirects moevideo.biz
3 pixel.advertising.com 3 redirects
3 ap.lijit.com 3 redirects
3 cm.adsafety.net 2 redirects
3 dx.frontend.weborama.com 2 redirects
3 sync.bumlam.com 2 redirects
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
3 d9.flashtalking.com cdn.flashtalking.com
d9.flashtalking.com
eu.sportradarserving.com
3 aktrack.pubmatic.com
3 vid.pubmatic.com vpaid.pubmatic.com
3 cm.adform.net 1 redirects
3 adx.com.ru 1 redirects ask.fm
3 rtb-msk-2.viadata.store ask.fm
3 secure.adnxs.com 1 redirects cdn.ravenjs.com
3 sync-tm.everesttech.net 2 redirects ssum-sec.casalemedia.com
3 sync.mathtag.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 logs.viadata.store
3 a.vidoomy.com ask.fm
3 pixel-sync.sitescout.com 3 redirects
3 colossalcoat.com ask.fm
colossalcoat.com
2 pub-eu.p.otm-r.com moevideo.biz
2 a.audrte.com 1 redirects ads.pubmatic.com
2 login.vk.com vk.com
2 sync.go.sonobi.com sync.quantumdex.io
2 id5-sync.com 1 redirects sync.quantumdex.io
2 vk.com ad.mail.ru
2 ssum.casalemedia.com 2 redirects
2 acdn.adnxs.com get.optad360.io
2 sm.rtb.mts.ru 2 redirects
2 sync.upravel.com 2 redirects
2 sync3.adsniper.ru 2 redirects
2 px.adhigh.net 1 redirects
2 r.mradx.net ad.mail.ru
2 stats.seedr.com moevideo.biz
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 content.adriver.ru moevideo.biz
2 viralize-d.openx.net cdn.ravenjs.com
2 creatives.sascdn.com
2 cdn.stickyadstv.com static.viralize.tv
cdn.stickyadstv.com
2 s.richaudience.com cdn.ravenjs.com
2 ice.360yield.com cdn.ravenjs.com
2 imasdk.googleapis.com static.viralize.tv
2 ajax.googleapis.com static.viralize.tv
2 cdn.ravenjs.com static.viralize.tv
2 loadus.exelator.com 1 redirects
2 secure.flashtalking.com eu.sportradarserving.com
2 servedby.flashtalking.com eu.sportradarserving.com
2 public-prod-dspcookiematching.dmxleo.com 1 redirects eu.sportradarserving.com
2 dmg.digitaltarget.ru 1 redirects
2 ads.aralego.com ask.fm
2 clientside-video-bidder.rutarget.ru ask.fm
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 rtb-csync.smartadserver.com ads.pubmatic.com
ask.fm
2 d5p.de17a.com 2 redirects
2 pl.viadata.store ask.fm
2 mug.criteo.com
2 script.4dex.io get.optad360.io
script.4dex.io
2 gum.criteo.com 1 redirects
2 viadata.store d3r6ceqp4shltl.cloudfront.net
ask.fm
2 get.optad360.io d3r6ceqp4shltl.cloudfront.net
get.optad360.io
2 connect.facebook.net d3r6ceqp4shltl.cloudfront.net
connect.facebook.net
2 sync.targeting.unrulymedia.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 mc.yandex.ru 1 redirects d3r6ceqp4shltl.cloudfront.net
1 nep.advangelists.com 1 redirects
1 sync.adotmob.com 1 redirects
1 ms.quantumdex.io 1 redirects
1 match.sharethrough.com 1 redirects
1 ade.googlesyndication.com
1 cdn.connectad.io get.optad360.io
1 js-sec.indexww.com get.optad360.io
1 tags.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 googleads4.g.doubleclick.net
1 odr.mookie1.com
1 rd.frontend.weborama.fr 1 redirects
1 rtb.com.ru
1 sync.dmp.otm-r.com
1 tech.rtb.mts.ru 1 redirects
1 9a7eb090-76c1-4547-a6f7-d6139ca6932c.sync.upravel.com 1 redirects
1 exchange.buzzoola.com 1 redirects
1 e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8.mitdmp.whiteboxdigital.ru 1 redirects
1 mitdmp.whiteboxdigital.ru 1 redirects
1 dm.hybrid.ai
1 moevideo-sync.rutarget.ru 1 redirects
1 r3---sn-4g5lznes.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net serving.stat-rock.com
1 sync.ipredictive.com 1 redirects
1 loadm.exelator.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 pm.w55c.net 1 redirects
1 playreplay.net moevideo.biz
1 thesame.tv moevideo.biz
1 playreplay.me moevideo.biz
1 pixel.tapad.com pandg.tapad.com
1 pandg.tapad.com pghub.io
1 pghub.io ask.fm
1 sync.richaudience.com ask.fm
1 z.moatads.com cdn.flashtalking.com
1 js.ad-score.com cdn.flashtalking.com
1 cdn.flashtalking.com servedby.flashtalking.com
1 api.feedad.com eu.sportradarserving.com
1 tags.feedad.com eu.sportradarserving.com
1 a.sportradarserving.com 1 redirects
1 aws-fr-sync.bidswitch.net 1 redirects
1 itx4.smartadserver.com ask.fm
1 apps.sascdn.com ced-ns.sascdn.com
1 ced-ns.sascdn.com ask.fm
1 sync.search.spotxchange.com
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 csync.loopme.me 1 redirects
1 bh.contextweb.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 htlb.casalemedia.com get.optad360.io
1 prg.smartadserver.com get.optad360.io
1 cdn.jsdelivr.net get.optad360.io
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com
1 cmp.optad360.io d3r6ceqp4shltl.cloudfront.net
1 www.googletagmanager.com d3r6ceqp4shltl.cloudfront.net
1 static.adsafeprotected.com ask.fm
1 ads.vidoomy.com ask.fm
1 ask.fm
0 ads.betweendigital.com Failed
0 pixel.onaudience.com Failed ads.pubmatic.com
0 useast.quantumdex.io Failed get.optad360.io
0 i.connectad.io Failed get.optad360.io
632 203

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com
Subject Issuer Validity Valid
*.ask.fm
AlphaSSL CA - SHA256 - G2		 2020-07-30 -
2021-09-27		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
colossalcoat.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
ad.lkqd.net
R3		 2021-07-25 -
2021-10-23		 3 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
*.viadata.store
Sectigo RSA Domain Validation Secure Server CA		 2020-11-17 -
2021-11-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.rutarget.ru
Thawte RSA CA 2018		 2021-05-17 -
2022-06-17		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2019-10-21 -
2021-11-18		 2 years crt.sh
*.moevideo.biz
AlphaSSL CA - SHA256 - G2		 2021-04-27 -
2022-05-29		 a year crt.sh
*.adx.com.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-05-04 -
2022-05-04		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
dmg.digitaltarget.ru
R3		 2021-08-17 -
2021-11-15		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.sportradarserving.com
Entrust Certification Authority - L1K		 2020-10-15 -
2021-10-15		 a year crt.sh
tags.feedad.com
GTS CA 1D4		 2021-08-29 -
2021-11-27		 3 months crt.sh
dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2021-08-27 -
2021-11-25		 3 months crt.sh
api.feedad.com
GTS CA 1D4		 2021-07-22 -
2021-10-20		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-04 -
2022-02-22		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-03 -
2022-02-23		 a year crt.sh
bs.yandex.ru
Yandex CA		 2021-05-31 -
2021-11-29		 6 months crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2		 2021-07-19 -
2022-08-20		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2020-09-02 -
2021-10-04		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-09 -
2022-02-16		 a year crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
*.360yield.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
*.playreplay.me
AlphaSSL CA - SHA256 - G2		 2021-02-11 -
2022-03-15		 a year crt.sh
*.thesame.tv
AlphaSSL CA - SHA256 - G2		 2021-06-09 -
2022-07-11		 a year crt.sh
*.playreplay.net
AlphaSSL CA - SHA256 - G2		 2020-10-01 -
2021-11-02		 a year crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.moe.video
AlphaSSL CA - SHA256 - G2		 2021-01-15 -
2022-02-16		 a year crt.sh
serving.stat-rock.com
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
stats.seedr.ru
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-08-17 -
2021-10-26		 2 months crt.sh
*.mradx.net
GeoTrust RSA CA 2018		 2021-07-23 -
2022-08-16		 a year crt.sh
cdn01.nativeroll.tv
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
ltmse.com
R3		 2021-07-30 -
2021-10-28		 3 months crt.sh
*.bumlam.com
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
rtb.com.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-03-01 -
2022-03-07		 a year crt.sh
*.frontend.weborama.com
Go Daddy Secure Certificate Authority - G2		 2019-08-29 -
2021-10-27		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
*.adsafety.net
R3		 2021-07-12 -
2021-10-10		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
cdn02.nativeroll.tv
R3		 2021-09-04 -
2021-12-03		 3 months crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2020-11-10 -
2021-12-12		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
statsb.nativeroll.tv
R3		 2021-08-05 -
2021-11-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.p.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2022-02-06		 2 years crt.sh

This page contains 95 frames:

Primary Page: https://ask.fm/spadebook33
Frame ID: B5109F82B7EC1A4EA096D97461C063C5
Requests: 180 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: CE53236CEFC977FFA99F1B19C0B291FB
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 6116B7257ECBABEE47141378D39107A3
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 9460DA523CC579DFBD1204D91510FFE9
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 02A7BB745911C0971987C224F24CC245
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2A3DEC6185CE492DE55A1893DEF3962F
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 13EED356D4442653F27C09EDA9CA64D3
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 335572BD62956E52AED16199102551CC
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A43BAD7C5EA9D9809AB84EB12B360DB4
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 501C2A64D3E17AE73774B0463935ADC9
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E4831AEC7904E57B8E14C80B70500DDD
Requests: 4 HTTP requests in this frame

Frame: https://cdn.viadata.store/js/player/210830.js
Frame ID: 57AEC57B90B5E00AF52E2903445CA4AD
Requests: 22 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fspadebook33&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20268939301771083074143345888%2C%2C
Frame ID: BE3383E81CB83E1C03828CD8D5320034
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 14529BB8DDA805A7A4446FCD2B2D037C
Requests: 23 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99B50716-645B-4619-885E-FF6900806EF8
Frame ID: 660D35C40840D5DCE5F9F605D655F96F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9109962894328357128
Frame ID: F54D5AD6560F4B378FFC07491E87FD64
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: B4CC3900963E27310641D9E20625887F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006098674996082839
Frame ID: 8AE5786A0F40110D7D58766B1831F7DD
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABtN07CdVMAABREzLmq8A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: FD83C99CDA89762FE3B66846CB325D8B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 7E82B2DEF2520D47DB8F63C4CCD0BC39
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
Frame ID: 49D9601BDEE359A43D58B80CB569D96D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DCAA83149AD7084F01D7BDCD1089BB60
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mP6c8yWZTjRovg8LPKj3XdLp
Frame ID: 5107D734ED41A4921B5EDB2A595320ED
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: E27F646A8457EDF92FBB1125DD248BB3
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3016A48DE0288C5CE63D5C41E7A3CEA9
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=222df056-1e86-4e45-92cb-a33e42b109cf-tuct8342f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 97A6ECCAFC19A4C40D277DD0183047B1
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 67252ACF99BDBCBBB3FE263656C8DB0A
Requests: 1 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 36A94DA093A820FFA739C5B479451F37
Requests: 2 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22453563092062709631%22%2c%22adomain%22%3a%22betway.de%22%2c%22page%22%3a%221438277%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%22409_19636%22%2c%22dsp%22%3a%2231%22%2c%22buyer%22%3a%22137327%22%2c%22cid%22%3a%221347%22%2c%22adid%22%3a%22409_19636%22%2c%22hash%22%3a%22-3175275454855945423%22%7d
Frame ID: AAB676BEF568F8DB75C543E5DC37A333
Requests: 1 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Frame ID: 163E7DFBEB71DBF2EC058E84DE68193E
Requests: 35 HTTP requests in this frame

Frame: https://itx4.smartadserver.com/h/aip?uii=453563092062721022&tmstp=3651565068&ckid=4680613590851676424&pubid=18&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16890%3b%24o%3d11100&acd=1631234464041&envtype=0&opid=71319850-d663-4554-b53d-84a3f446b4dc&opdt=1631234464040&siteid=259837&tgt=%24dt%3d1t&gdpr=0&visit=S&statid=3&imptype=0&pgDomain=https%3a%2f%2fask.fm%2fspadebook33&cappid=4680613590851676424&capp=1&mcrdbt=1&insid=10104881&imgid=0&pgid=1438277&fmtid=89189&isLazy=0&rtb=1&rtbnid=2079&rtbbid=453563092062709631&rtbh=0d280d76a75038fca6f8d83b169fc16e858a325d&rtblt=637668312640431845&rtbet=0&rtbptnid=31&cftgid=7c452d5c7363
Frame ID: A8631D3D4FFE160AE18FD6A02CCD6D35
Requests: 2 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Frame ID: 88826FE8C239EF3EA8CE522B3EA0A6C5
Requests: 1 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Frame ID: 9DD3D19DDA09D69F4D7F58C6663454E6
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Frame ID: C50E1BEC7EC8D1F32AC844C81F427D08
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 5D215F48D4A89867D177DB66E3DCC248
Requests: 35 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fask.fm%2Fspadebook33&owner=P%26G&bp_id=showheroes&data=%7B%7D
Frame ID: 91AD619DEBDB9F045C7C05F06B529F87
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: D707D265EBE6802493071F5E873E7C28
Requests: 1 HTTP requests in this frame

Frame: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Frame ID: 87C789E03A7B0E0C592811ACE76919EF
Requests: 42 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: AE7A3A4C51FD4D81A423B8F8DB66EFEB
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 217CC1E5F4D693C4440F10640C1D5A04
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 07668D7442C98826D96319841C1FBBFA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 91888864E33D2022B26EE7829EE9A34B
Requests: 4 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: F09E5D82CA8E68771943F64013766F8C
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234465
Frame ID: CFE04584321F8D1A2EF2ECAF6D22F92E
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4823A690F00A5B03AAA50C4A91A969A8
Requests: 7 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: BCA70D31610421D2B71D47F0CD9FD1CA
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: EEBFD047F3097DECD59402B6C8EC38DB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kVIHXRy11MouBk5&gdpr=0&gdpr_consent=
Frame ID: 9DF7C3EC42FC130E4E38480C710DAE90
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 4D88CEE6C83F7F5BFADC8E459CB0BB92
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:762AF14F632641BB920CDABAF016FA99
Frame ID: 8B159F84E292F0ADEEF7F71C0FE5BC7D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VcaibnwWRb5BtkCfnIBbYMIkbBM
Frame ID: 9CB86A72D56320C63A3FB40649C4B610
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7775753C5D1DBAAAFFF986A1E86BD35E
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Fe56741f2-e1b9-4438-b2ab-ed263b2e70c2.png&w=104&h=90&q=90&f=webp&rt=contain
Frame ID: A0DFEC0DB9E7E9B40D9B203FA2F271D4
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Ffa473745-880c-42d3-9470-5aed7b5ae848.png&w=136&h=135&q=90&f=webp&rt=contain
Frame ID: A10F4F1A6D4355A70D47DC9C1336EBE5
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9D1BC818111CF92C68ABF738AFFA87F7
Requests: 6 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Frame ID: D60E6D1D635B9D7194D1ECF6B41557B7
Requests: 2 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: BE5FD5E72804DD7EF71483EAECE76025
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E688E9D2609A35096D226D13A1725B59
Requests: 3 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: 0FE6FB4B8A9600610C07CC30EBF47FE9
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1631234466945
Frame ID: 8FBE8082B6E001995C1DC4462BE8DBE8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1631234464029
Frame ID: F14A4B326AEA15D8E97C987FEABCD0F1
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 6CE54A928B60174C5810DA394528C1A2
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 560AAE5E227A6BF241D4E863109308AC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7F9CB73AC887AC9DC25E3F16846A1296
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 982A022F99F4568BCF0903DA0A40EF79
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 11E8BD9F54AA0041DEE7E26C6F2DDE4D
Requests: 3 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Frame ID: 40798A016BF689C652766B0C513E89BF
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: 6723998834F0D492B5755F9292392CFA
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B96B6432C87F1F25428D035116D9E975
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: DACFC0CB611579853E75F347BD5C409E
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 618F0B0EB5A19BBA2875BF0473646F9E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: DF640EC4416CF494E4B03456959863FC
Requests: 3 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 48056AF402EF607484B574BAAEFF92EF
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=99B50716-645B-4619-885E-FF6900806EF8
Frame ID: 6655E8AE42D1EABCAFB60B7C827FAA14
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 671328AEB3AB0E911D9178E987627E2A
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 997B903E024D30DB93B2852B99396707
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C0B30A201000E1E081B0F03889384906
Requests: 3 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Frame ID: 1A6E6FDBCDE7048C19D486488A2DE671
Requests: 2 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Frame ID: 354369B912CABE1F49250DF37A095711
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: CC29F9A8848D3647D62D229A0E87AB73
Requests: 34 HTTP requests in this frame

Frame: https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Frame ID: FE4184E15E42059C9E75D368887E49AE
Requests: 24 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 0BDFCA360DC660E215E9872F9B43CC93
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234470
Frame ID: 86A386C84A24209D004E28BE9A231A19
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5B69F5BA317ECCCACA07838B0EA37FCA
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A8246EFF0D7143DF4AC807B19E7A9EED
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A945156B0BEB9E5472337F94CEC6C7D0
Requests: 6 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 718FF9DC4C4EF836926BEFC901AED488
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: A14DA09C24AA3953AF5D12181EC7E663
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: F0F775B9EDE4A920D989E300C5EEB974
Requests: 3 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: F3AE50C986F73964383759F6FF58D146
Requests: 3 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Frame ID: 2A084621B75119A38D935587FAD1726D
Requests: 2 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: 5F42B11DBEECC5E7A3DFBBD60A689169
Requests: 5 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Frame ID: BAAB8E5F9FDEBA2158E9020790BE81B8
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 08DEB660AC45E4C8E9D66EC35D7D5F94
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 783070BAFCEC24B48B04B70F3EA3C76D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Account Suspended - Ask.fm

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

632
Requests

98 %
HTTPS

24 %
IPv6

127
Domains

203
Subdomains

143
IPs

15
Countries

8319 kB
Transfer

18219 kB
Size

185
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9391.NM65Bs-3msUgJU-uiXjf7yD_8xZBr2y9KBTeGXYQFNyZZ602rEbjE7yaWrfUdpB6.7U0Ffw1PECbwOUvZYI3ivaKXAgM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9391.Zo-KRg9SWL_yMuCCJBfiqtCbd7Z8CdybswGRPpnCYBL0b_bMU6x1BJYDQk5KpH5Rh1nf3yM72NIaOowA45wsNg%2C%2C.oA2cVtk4r22REC70R-F1tNB-Mqg%2C
Request Chain 39
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 40
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=87665474.071598751445641611.9769384 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=87665474.071598751445641611.9769384 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=fdbbf0d3-14c9-4e18-beb2-1f263514daae HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=181398446&expires=5&ssp=vidoomy HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=fdbbf0d3-14c9-4e18-beb2-1f263514daae
Request Chain 41
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4250804550 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4250804550 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/be919faa-1a75-4dee-97fe-3f0e168429c9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
Request Chain 51
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Request Chain 56
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8416399120416374130
Request Chain 57
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A420019176269%3Ahid%3A511849672%3Az%3A0%3Ai%3A202109010004102%3Aet%3A1631234463%3Ac%3A1%3Arn%3A376985905%3Arqn%3A1%3Au%3A1631234463427757091%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631234461948%3Ads%3A20%2C296%2C151%2C1%2C0%2C0%2C%2C179%2C4%2C%2C%2C%2C731%3Adsn%3A20%2C295%2C152%2C1%2C0%2C0%2C%2C262%2C4%2C%2C%2C%2C731%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631234463%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A420019176269%3Ahid%3A511849672%3Az%3A0%3Ai%3A202109010004102%3Aet%3A1631234463%3Ac%3A1%3Arn%3A376985905%3Arqn%3A1%3Au%3A1631234463427757091%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631234461948%3Ads%3A20%2C296%2C151%2C1%2C0%2C0%2C%2C179%2C4%2C%2C%2C%2C731%3Adsn%3A20%2C295%2C152%2C1%2C0%2C0%2C%2C262%2C4%2C%2C%2C%2C731%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631234463%3At%3AAccount%20Suspended%20-%20Ask.fm
Request Chain 77
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Request Chain 88
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjJjYmJlZjItYjRlOS02ZDM2LTU2MWEtZDc5MGZlOTFkZDZj
Request Chain 101
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=_Ehe8HxPa2tkbXJsR3pKTnNjNUlvY2h2SG94d2hLV1REUitMWGsrUGZnTW1scGRuOXYrbXg1VUsrblFzYnVwNDlqc2lpY0pyREVJeDI5WU80WlgwcW9YbHJwdGJIZFVaWkpndlcwaWZtLy93dU9LYUttNlJjTWd5SUJBUmc1dUxqMUtacEdSR0lLR1NaQzI4dHNLemI0VFRLWXRyakJnNmgzTXdHVXBaOG9LUWM4MmR5V0dFSXJUU1JubG9pQUo3dUdlVU9YVGdLMjlhWWNyd3R3ZTR2WVpRc21OMVc1b01sMzdXelUyRXlqVHFoUjdVPXw&cppv=2
Request Chain 113
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,,
Request Chain 136
  • https://c1.adform.net/serving/cookie/match?party=14&cid=99B50716-645B-4619-885E-FF6900806EF8 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99B50716-645B-4619-885E-FF6900806EF8
Request Chain 137
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9109962894328357128
Request Chain 139
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006098674996082839
Request Chain 140
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdE4wN0NkVk1BQUJSRXpMbXE4QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABtN07CdVMAABREzLmq8A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABtN07CdVMAABREzLmq8A&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABtN07CdVMAABREzLmq8A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 141
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 142
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&rndcb=2398106540 HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597498117090967&expires=30&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/fdbbf0d3-14c9-4e18-beb2-1f263514daae?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
Request Chain 144
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mP6c8yWZTjRovg8LPKj3XdLp
Request Chain 146
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 147
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=222df056-1e86-4e45-92cb-a33e42b109cf-tuct8342f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mbUHFmRbRhmIXv9pAIBu-A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 150
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c3a1613a-a9a0-4400-901c-beee312d150c
Request Chain 151
  • https://pixel.onaudience.com/?partner=214&mapped=99B50716-645B-4619-885E-FF6900806EF8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=be919faa-1a75-4dee-97fe-3f0e168429c9&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=40956236ede3ea41e75673ce27359298
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTlCNTA3MTYtNjQ1Qi00NjE5LTg4NUUtRkY2OTAwODA2RUY4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENTIr-0_0qIBssK1GrxVwuA&google_cver=1
Request Chain 155
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5802539667209419446
Request Chain 156
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&gdpr=0&gdpr_consent=
Request Chain 157
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=be919faa-1a75-4dee-97fe-3f0e168429c9
Request Chain 158
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8753280251054543738&gdpr=0&gdpr_consent=
Request Chain 159
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=99B50716-645B-4619-885E-FF6900806EF8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2QhM9SlE2uXevawqPSzVPuVyUmhhJ1Y-~A&gdpr=0&gdpr_consent=
Request Chain 161
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR
Request Chain 162
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2460156151415142363&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fdbbf0d3-14c9-4e18-beb2-1f263514daae&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 163
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YTqpoAAAVIlJPAAT HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTqpoAAAVIlJPAAT&gdpr=0&gdpr_consent=&_test=YTqpoAAAVIlJPAAT
Request Chain 164
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8632571902530157938&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 166
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 168
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8753280251054543738
Request Chain 169
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_41fcf18c-4708-488e-894a-d8c42b5365c8
Request Chain 175
  • https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fask.fm%2Fspadebook33&uid=c2acdbca-6d63-4dcc-bef8-e53f751fb959&cbb=1234464826 HTTP 302
  • https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Fspadebook33&rolltype=content-roll&uid=c2acdbca-6d63-4dcc-bef8-e53f751fb959&vpaid=false
Request Chain 177
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=c2acdbca-6d63-4dcc-bef8-e53f751fb959&i=1631234464 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=c2acdbca-6d63-4dcc-bef8-e53f751fb959&i=1631234464
Request Chain 178
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID HTTP 303
  • https://rtb-msk-2.viadata.store/tools/sync?dsp=30&uid=2460156151415142363
Request Chain 184
  • https://eu.sportradarserving.com/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/ HTTP 302
  • https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Request Chain 186
  • https://aws-fr-sync.bidswitch.net/sync?ssp=smartadserver&dsp_id=409&imp=1 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d96529e4-0670-4342-a8bb-9b602b67ced8&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=fdbbf0d3-14c9-4e18-beb2-1f263514daae&gdpr=&gdpr_consent=
Request Chain 191
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d96529e4-0670-4342-a8bb-9b602b67ced8 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=fdbbf0d3-14c9-4e18-beb2-1f263514daae HTTP 307
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=fdbbf0d3-14c9-4e18-beb2-1f263514daae&cookieRequired=true
Request Chain 207
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=dce92ee15bffc23d8e31137e73f8f28&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1e52_7006098679283637919 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZGNlOTJlZTE1YmZmYzIzZDhlMzExMzdlNzNmOGYyOA==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDnGf47Q2X-YrRDKC3yWJZE&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=be919faa-1a75-4dee-97fe-3f0e168429c9 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8753280251054543738 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/dce92ee15bffc23d8e31137e73f8f28&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-n74x9YJE2oNAagO6byHyribXCrd.MEpyvbhOOoIL~A HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=c3a1613a-a9a0-4400-901c-beee312d150c&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AABtN07CdVMAABREzLmq8A&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=kVIHXRy11MouBk5&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YTqpoAAAVIlJPAAT&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Request Chain 208
  • https://loadus.exelator.com/load/?p=204&g=119&buid= HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=119&buid=&xl8blockcheck=1
Request Chain 237
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=38521a83-bb43-4d48-86fd-e836d6e7a4cd&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=be919faa-1a75-4dee-97fe-3f0e168429c9&ttd_puid=38521a83-bb43-4d48-86fd-e836d6e7a4cd
Request Chain 258
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Request Chain 296
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Request Chain 299
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGNlOTJlZTE1YmZmYzIzZDhlMzExMzdlNzNmOGYyOA==&gdpr=0&gdpr_consent=
Request Chain 300
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=dce92ee15bffc23d8e31137e73f8f28&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 347
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kVIHXRy11MouBk5&gdpr=0&gdpr_consent=
Request Chain 349
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:762AF14F632641BB920CDABAF016FA99
Request Chain 350
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VcaibnwWRb5BtkCfnIBbYMIkbBM
Request Chain 351
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=99B50716-645B-4619-885E-FF6900806EF8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=99B50716-645B-4619-885E-FF6900806EF8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=99B50716-645B-4619-885E-FF6900806EF8&addseg=19,36,42
Request Chain 352
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=99B50716-645B-4619-885E-FF6900806EF8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=99B50716-645B-4619-885E-FF6900806EF8&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 355
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c966c27b-11cf-11ec-a9a1-2972a6622f69&gdpr=0&gdpr_consent=
Request Chain 371
  • https://gcdn.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662770467/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/083064C3170266A7DFBD658E844D7646711E581A.4FADF0353FF1E6850D049D881DB527ECEDA3003F/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662770467/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0FAA5CB4ACC4E7EA10558C68E04E7D9AB9691509.18CF61082C9CF5B6D65C3DA7169EA80EAE6C3C8B/key/cms1/cms_redirect/yes/mh/Tu/mip/2001:ac8:36:6:207::1/mm/42/mn/sn-4g5lznes/ms/onc/mt/1631233885/mv/u/mvi/3/pl/48/file/file.mp4
Request Chain 389
  • https://moevideo-sync.rutarget.ru/sync HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=1&b=0tg3WBmcLP5q
Request Chain 391
  • https://px.adhigh.net/p/cm/moevideo?u=186662e8883042b41dc9 HTTP 302
  • https://px.adhigh.net/p/cm/moevideo?u=186662e8883042b41dc9&bounced=1
Request Chain 392
  • https://sync.bumlam.com/?src=moe2&uid=186662e8883042b41dc9 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABij0-qJBlIFst3qqQtiFDE4NjY2MmU4ODgzMDQyYjQxZGM5 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARij0-qJBlIFst3qqQtiFDE4NjY2MmU4ODgzMDQyYjQxZGM5ogEQyaH__BHPEeyG4AAlkMBkfA** HTTP 302
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQABij0-qJBmIUMTg2NjYyZTg4ODMwNDJiNDFkYzmiARDJof_8Ec8R7IbgACWQwGR8 HTTP 302
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQARij0-qJBmIUMTg2NjYyZTg4ODMwNDJiNDFkYzmiARDJof_8Ec8R7IbgACWQwGR8
Request Chain 393
  • https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=186662e8883042b41dc9&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D HTTP 302
  • https://e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8.mitdmp.whiteboxdigital.ru/redirect?miid=e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3De4a0d02b-0984-4d99-85c4-cbdbc56f9ab8 HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=51&b=e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8
Request Chain 395
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D HTTP 301
  • https://cs-0.moevideo.biz/ssp/cs?d=81&b=a0dc1d96-75d4-44ca-65bc-865fe3406601
Request Chain 396
  • https://sync.upravel.com/moevideo/sync HTTP 302
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
  • https://9a7eb090-76c1-4547-a6f7-d6139ca6932c.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=91&b=9a7eb090-76c1-4547-a6f7-d6139ca6932c
Request Chain 397
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=186662e8883042b41dc9 HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=moevideo&exu=186662e8883042b41dc9 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=25a9ea08-d4a1-45d8-8f46-324b468d9a75&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FJanqCNShRdiPRjJLRo2adQ%3Fsign%3D3331683762 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/JanqCNShRdiPRjJLRo2adQ?sign=3331683762
Request Chain 401
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/embed/vpaid%3Ftoken%3DBgKKYfpisL2DMd60%252Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fspadebook33%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1707 HTTP 302
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DBgKKYfpisL2DMd60%252Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fspadebook33%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1707&bounce=1&random=671529414 HTTP 302
  • https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D HTTP 302
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wGFzK0v6cljA
Request Chain 409
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fdbbf0d3-14c9-4e18-beb2-1f263514daae&ssp=adform&gdpr=&gdpr_consent=
Request Chain 410
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=8753280251054543738
Request Chain 411
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=4bfa5bea-ada0-4b38-9394-38ebb8b06147
Request Chain 413
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhj1l86BASABMAE&v=APEucNW-77h5rpISeBGvHZ3odt_mPyL8t-6XtEaUKYqFtgZYJXDBI-soX-Eabj6w92flk81WQK7rUuJ-Bbx8aiRA4yqdMQ-biGLJKULEL2v7YHKJTc0NBL8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEDCVdkH8rw5N8YZu0v1Vnls&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEDCVdkH8rw5N8YZu0v1Vnls&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=eba40a42daeed875f81f00393d985604&uid=eba40a42daeed875f81f00393d985604&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ttdx&idt=100&did=be919faa-1a75-4dee-97fe-3f0e168429c9 HTTP 302
  • https://tags.adsafety.net/v1/cm?cm_uid=CM1202109100050d000ad72cbf43e974&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Ddefault%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=eba40a42daeed875f81f00393d985604
Request Chain 420
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Request Chain 436
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=sovrn&uid=297cb7d52fd12dc67047e5d2
Request Chain 437
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=appnexus&uid=8753280251054543738
Request Chain 438
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=index_rtb&uid=YTqppCCJJMbXm4CAFDxZgQAA%261139
Request Chain 439
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=pubmatic&uid=99B50716-645B-4619-885E-FF6900806EF8
Request Chain 440
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a6a6222a-a3e4-446e-bf5f-3b3a0c811550 HTTP 302
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&apid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12 HTTP 302
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12&gdpr=0&gdpr_consent=
Request Chain 447
  • https://www.tns-counter.ru/V13a****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/286714873 HTTP 302
  • https://www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/286714873
Request Chain 455
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8753280251054543738
Request Chain 456
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0H5o2cRE2uGzG2BccUykFrkH.qalm1FgjnRsKsQ-~A
Request Chain 457
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 458
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=297cb7d52fd12dc67047e5d2
Request Chain 459
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8753280251054543738
Request Chain 460
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2064%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6828565610 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2064/no-consent?zcc=0&sspret=1&rndcb=6828565610
Request Chain 461
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bdc8e699-b85d-486f-950d-7f4481626ba5
Request Chain 462
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=e9b526ba-502f-42dd-9355-5fa240cfde87
Request Chain 464
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12
Request Chain 476
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTqppCCJJMbXm4CAFDxZgQAABHMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENsUePAmxf_dQsWXzVyWoQM&google_cver=1
Request Chain 477
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YTqppCCJJMbXm4CAFDxZgQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDD503J4aRt0s_LfmkD_56o&google_cver=1&gdpr=1
Request Chain 478
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTqppCCJJMbXm4CAFDxZgQAABHMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTqppCCJJMbXm4CAFDxZgQAABHMAAAAB&dcc=t
Request Chain 479
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06b12204009801a24eefb82b&expiration=[EXPIRATION]&gdpr=1
Request Chain 481
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3a1613a-a9a0-4400-901c-beee312d150c&gdpr=1&gdpr_consent=
Request Chain 482
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4dce8498-e7bc-48bf-8eb4-e2a4299dd55f
Request Chain 486
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=99B50716-645B-4619-885E-FF6900806EF8 HTTP 302
  • https://a.audrte.com/p
Request Chain 510
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Request Chain 515
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1801287469&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1801287469&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=9362bc9e-7bda-42c6-9daf-a2697f012683&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ2OTcyNS4zMjM0ODY6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjpyZXF1ZXN0X2lkPTkzNjJiYzllLTdiZGEtNDJjNi05ZGFmLWEyNjk3ZjAxMjY4Mw==
Request Chain 516
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=989101710&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=989101710&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=29befbcd-9ffb-46fd-892c-00117adc4bf1&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ2OTcyNC4wOTM5OTQ6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjpyZXF1ZXN0X2lkPTI5YmVmYmNkLTlmZmItNDZmZC04OTJjLTAwMTE3YWRjNGJmMQ==
Request Chain 517
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=2132474692&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=2132474692&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=fe0195dd-cd53-488a-91d0-193c01b49337&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ2OTcyNC44ODE1OTI6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjpyZXF1ZXN0X2lkPWZlMDE5NWRkLWNkNTMtNDg4YS05MWQwLTE5M2MwMWI0OTMzNw==
Request Chain 596
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Request Chain 613
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1080011793&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1080011793&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=6e440eea-b8ce-467b-835d-8de80cd678c5&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ3MTc2MC4wNzQ5NTE6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTZlNDQwZWVhLWI4Y2UtNDY3Yi04MzVkLThkZTgwY2Q2NzhjNQ==
Request Chain 614
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1769525303&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1769525303&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=adbe46ab-07a2-41f9-90bd-9d8d07ed1a29&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ3MTc2Mi43NzgwNzY6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWFkYmU0NmFiLTA3YTItNDFmOS05MGJkLTlkOGQwN2VkMWEyOQ==
Request Chain 615
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=151940007&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=151940007&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d0b0881d-0adf-4e0f-8294-38851883ca93&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ3MTc2MC44NDA4MjA6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWQwYjA4ODFkLTBhZGYtNGUwZi04Mjk0LTM4ODUxODgzY2E5Mw==
Request Chain 652
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938

632 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set spadebook33
ask.fm/ 		12 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.140 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
89807bc7f0682a08365ba7f6f28ca01e71ee5d7e0b88b4d29a3d3ffecd342888
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ask.fm
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Status
410 Gone
Cache-Control
no-cache
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Date
Fri, 10 Sep 2021 00:41:02 GMT
Set-Cookie
locale=de; path=/; expires=Sat, 10 Sep 2022 06:41:02 GMT uuid=b2e18f2d-ca99-4da6-81c7-7d7151fa5d19; path=/; expires=Sat, 10 Sep 2022 06:41:02 GMT; secure; HttpOnly country=DE; path=/; expires=Sat, 10 Sep 2022 06:41:02 GMT _m_ask_fm_session=NnNFbDhlbkFIRnVrRzVzQkE0aEVKNDd3dXhramlRbFpqbEJuRHB4L01iZ2FyMXkxOVN3bEdJTmlmU3A1RmF3aWpPVHU2VWZHWnRhTWRIS2RTL0FHcGJaSUZiOEU4Ym5CR1JJc2ZIR21pSnowb2pFK2xyR080dXczOXJjVGtpb0kwOE5LVDZGTXp4ZGFHbVYraTZycTRWcXYzMWhPSHZpVTVTK0hjYmIrOGl4ZERyRU45N2N1N0l6bkkzSytNZEpuQ1RTQ0J1NWdZaGdrTVl1MVh5eUR1QmdQYjhmbWFvWUZSaEpUbFhmejkzSlRLU2QyTngyUEdaWWFMd2dObXRNQS0tbXdPbzU5M2xxRUlmUXA4OS82QjFVUT09--7c45e3862631ff54a136aadd36c49b7fa015e79c; path=/; expires=Mon, 13 Sep 2021 00:41:02 GMT; secure; HttpOnly
Server
Ask.FM Web Service
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
d3r6ceqp4shltl.cloudfront.net/assets/ 		184 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:c200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
6bf4d1a5ab84231d4d77a7aa49811be50601ad46f93002a7dfc4b29403980787
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 12:24:06 GMT
content-encoding
gzip
age
1945015
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
39692
access-control-allow-origin
https://ask.fm
last-modified
Wed, 18 Aug 2021 12:19:47 GMT
server
Ask.FM Web Service
etag
"611cfae3-9b0c"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
text/css
via
1.1 a06b3af7aeb84a80d60dd16b849e62e0.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG50-C2
x-amz-cf-id
flTygM1UKQ9GhIqeFN3d-TZNw5JbEl_8h9GjLqzOI3A7qybrl35r_Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js
d3r6ceqp4shltl.cloudfront.net/assets/ 		217 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:c200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 12:07:21 GMT
content-encoding
gzip
age
1946021
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
69074
access-control-allow-origin
https://ask.fm
last-modified
Wed, 18 Aug 2021 07:22:53 GMT
server
Ask.FM Web Service
etag
"611cb54d-10dd2"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a06b3af7aeb84a80d60dd16b849e62e0.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG50-C2
x-amz-cf-id
YwgL0M7JCGjihX6GjLSbfkzK9rTSkBWo0vh3TF99WStuHfLuIBC_Yw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
askfm_4249.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/askfm_4249.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
9adcb66c5787b7cfea40f01e917238c3a90ff74423e96a5d551ed2411ef29754

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:02 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4963
account-suspended.gif
d3r6ceqp4shltl.cloudfront.net/images/errors/ 		380 KB
380 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:c200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:30:55 GMT
via
1.1 a06b3af7aeb84a80d60dd16b849e62e0.cloudfront.net (CloudFront)
age
1941007
x-cache
Hit from cloudfront
content-length
388641
last-modified
Wed, 18 Aug 2021 12:19:47 GMT
server
Ask.FM Web Service
etag
"611cfae3-5ee21"
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
max-age=315360000, public
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
x-amz-cf-id
Db83lNIBvPkJ67UQcezyhygXwqgomB4raBM_ImCUOg03tHh-Grcj7g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
colossalcoat.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
1f899a70037c22f406429658305232b6e9aad210092284833a260a7fc357b8f9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"7796c0b3069549379f0bb7e2e12b057a0e4c4c779190a66b7178ee145e3c6d43"
vary
Accept-Encoding, Accept-Language
x-hostname
c984a0b3
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Fri, 10 Sep 2021 00:41:02 GMT
timing-allow-origin
*
tag.js
mc.yandex.ru/metrika/ 		224 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:02 GMT
content-encoding
br
last-modified
Wed, 08 Sep 2021 16:07:49 GMT
etag
"61372b26-11d31"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73009
expires
Fri, 10 Sep 2021 01:41:02 GMT
527.jpg
d16vsmxl4d5tw1.cloudfront.net/b46/6e492/6cbb/4bfd/b357/4cb321bdbad8/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/b46/6e492/6cbb/4bfd/b357/4cb321bdbad8/thumb/527.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
617ba2dc77da6e3d059e36ff53297f52b52a74390302b4d3cbb080d83590ba88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:16:40 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Sun, 25 Aug 2019 01:16:38 GMT
server
AmazonS3
age
12263
etag
"f8d7e26ba4439c23819cc87d5a065753"
x-cache
Hit from cloudfront
x-amz-version-id
KzITzc6rFUA4GC23BUiH3ML28qBIIdZ5
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
4424
x-amz-cf-id
IVnboDyklbNG6CiZZw756IALktZDmRE0gjF59aXSM3rdf_fGHl3Bsg==
86185.png
d16vsmxl4d5tw1.cloudfront.net/8d9/bfdd3/7c5a/40e0/b2ab/6fdb237caa22/thumb/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/8d9/bfdd3/7c5a/40e0/b2ab/6fdb237caa22/thumb/86185.png
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8f59cde367fecd05745d704d3d62230ebcfef6345b381ff17ddcac901dd466f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:35:47 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Tue, 18 Dec 2018 15:30:34 GMT
server
AmazonS3
age
316
etag
"bb002b9ecc3c68d9dac14820dcad8054"
x-cache
Hit from cloudfront
x-amz-version-id
UE15scg8UtEHo_J5SovRuufQtOPTbepy
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/png
content-length
12560
x-amz-cf-id
C7dTATSkkhGAMzdT6AfAJ7dyKwpjqvgy3wr5BU1W_OQ1inQ-ucMcWw==
161168.jpg
d16vsmxl4d5tw1.cloudfront.net/c1b/7eece/aa4a/4c49/a62f/746c274b7ebf/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/c1b/7eece/aa4a/4c49/a62f/746c274b7ebf/thumb/161168.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a1ecfa819ced4074bab4349a235468af542042d56dc7beec4dbd2b677a8ee58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:33:44 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jun 2018 12:28:37 GMT
server
AmazonS3
age
439
etag
"a891e83cccc8384e747506eb69226b40"
x-cache
Hit from cloudfront
x-amz-version-id
0bVtzhnFGjBaDs5cxHd9LBo_4GDkEjd1
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
4109
x-amz-cf-id
_OGcyw_49AVn9DpK0J9McZddvR-ahjlt6p9XlawYwcgAVl-RI-jtaw==
3146.jpg
d16vsmxl4d5tw1.cloudfront.net/f84/7d31d/8f5c/4e7f/a522/45372d203cd8/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/f84/7d31d/8f5c/4e7f/a522/45372d203cd8/thumb/3146.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
280570f2a3e4d14d5790dc16ebfaa8e57b6af7daabb5d3323f522f490ecd156f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:29:54 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Tue, 20 Nov 2018 11:19:59 GMT
server
AmazonS3
age
669
etag
"865502f7aa5bb6a2ea2425353f6f27c9"
x-cache
Hit from cloudfront
x-amz-version-id
LLCZK7JuAk_tNYuiCSXSsVSHRw6T7MoS
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
2859
x-amz-cf-id
7-XVjIzZETL-bx6dhTHIYLnMwAytFfRjRHwyjfmdHayB2OC1ERr_5w==
143358.jpg
d16vsmxl4d5tw1.cloudfront.net/39b/6054d/3027/4723/96f0/e3172e62ffd6/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/39b/6054d/3027/4723/96f0/e3172e62ffd6/thumb/143358.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
059b72f14737050f8ac4856e24946f99722e5de465e6b5310e6d32072cc3131e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 22:05:47 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Sat, 24 Nov 2018 22:15:59 GMT
server
AmazonS3
age
9315
etag
"9ace0ca0529eed792ce1aa151b5d02ec"
x-cache
Hit from cloudfront
x-amz-version-id
WaAVx4DjmjR4njBd64KrVjTTzX_l829J
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
4592
x-amz-cf-id
Sy5CxK45Zc-ZP5Xx8QHJCS1cL2P40Sk1z2lfFIIdbqOy7ovbLa4Q-g==
76538.jpg
d16vsmxl4d5tw1.cloudfront.net/113/5f405/e9fe/4d84/8a53/01b1b99bf593/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/113/5f405/e9fe/4d84/8a53/01b1b99bf593/thumb/76538.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
165eda3282bc8bae930b1b800c7894508e9a9094a613e6e430635ff0c3c10f92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Sun, 15 Sep 2019 11:09:02 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P2
etag
"dcca021b01c0451dc28f6a02e4d4604d"
x-cache
Miss from cloudfront
x-amz-version-id
HxUXfUIzVbWJvw8kHj4fH_7taeB1wp0b
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/jpeg
content-length
2432
x-amz-cf-id
7t6eAlJ_tyNKqcLWRbsdWovzE-EYVhm-sUFTKMbj4dB0FFCPTgiSlA==
179006.jpg
d16vsmxl4d5tw1.cloudfront.net/2f9/4a540/bcde/46ee/b564/a959dc6ed97a/thumb/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/2f9/4a540/bcde/46ee/b564/a959dc6ed97a/thumb/179006.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2858b882cb470f5f66333fcf3e1d4715730c5f71dccf5c6e98f5e6da7ec27bd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:35:53 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Mon, 26 Nov 2018 19:33:03 GMT
server
AmazonS3
age
310
etag
"cd5865ae946fb8339c1c7d7605641c59"
x-cache
Hit from cloudfront
x-amz-version-id
UeDPWvk7iQA2HIv7vxjgXTMnfxMeG0vL
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
5227
x-amz-cf-id
7rUD_z5LooB7QK5l7LyLk8cWCGtuu1N9WBL7HdUhL5l0pBwk8sCnCQ==
29049.jpg
dbq8hrmshvuto.cloudfront.net/d35/52abe/e8d3/4306/a30e/eee468218c45/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/d35/52abe/e8d3/4306/a30e/eee468218c45/thumb/29049.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:b400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be231d3b61bb49d5bc6ad7d34a4d68f5ba96627cafddb76f8b8f7d2040a7a2f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 da7c369ddd47be9fe24a924ca2788c8f.cloudfront.net (CloudFront)
last-modified
Sat, 23 May 2020 04:43:25 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
etag
"a9237bd971f09497d0b6878e2854ae1f"
x-cache
Miss from cloudfront
x-amz-version-id
ixb1VRlbVXGk8BMdre8SfpoSvoUYKH0S
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/jpeg
content-length
3585
x-amz-cf-id
NClJBoOLhKF_yzwWcGEWlk-Ocu7wJFO5RUU9rNqACsuPVwqIYVMSeg==
65975.jpg
d16vsmxl4d5tw1.cloudfront.net/7e2/43c79/060d/4ae0/b11d/ad74724d2f82/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/7e2/43c79/060d/4ae0/b11d/ad74724d2f82/thumb/65975.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20f368defde6d7df46841a6e09c2f6305e63684b0474360efe9a284d8493df94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 10:09:29 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Thu, 14 Jun 2018 17:15:58 GMT
server
AmazonS3
age
52294
etag
"3eb780ec9bfb00c61c797db8f5eb4ef3"
x-cache
Hit from cloudfront
x-amz-version-id
ZrrUpIMt5LU7itPny_Nbr2olUUqT3QQf
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
2186
x-amz-cf-id
Xrhl8E4Y5EPtG7MHZ_kJ_vguLu4LxxnwqE0VAZtcTzk--MoqkxCTLw==
218959.jpg
d16vsmxl4d5tw1.cloudfront.net/6a4/8344d/0b8a/406d/90c1/873911302024/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/6a4/8344d/0b8a/406d/90c1/873911302024/thumb/218959.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96ef141614f01a20556683a2f5138c89ed7ef8b486bdbc0671d66791e34a8b55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 18:12:36 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Wed, 18 Sep 2019 05:30:52 GMT
server
AmazonS3
age
23307
etag
"b733e571700298b2f332e0bdb68fafe0"
x-cache
Hit from cloudfront
x-amz-version-id
2Bp7ztLS7YAvgcUV1F5FBnHV3pjqAwvc
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
2696
x-amz-cf-id
UvVsAbk1S251W4VCEBqdINkbSKPUnWTmxga_ZB0YdDMaZt4Z7jF1Mw==
25910.jpg
d16vsmxl4d5tw1.cloudfront.net/25a/65475/81b4/45dd/b816/2e28b57f1d78/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/25a/65475/81b4/45dd/b816/2e28b57f1d78/thumb/25910.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
750527157dff7937ae6015a0326ccb925ccebfc19e659b321191a96a1c67557b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:21:25 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Sun, 17 Jun 2018 04:15:43 GMT
server
AmazonS3
age
11978
etag
"7a1239eb41359fca0e2a24d5bffc5987"
x-cache
Hit from cloudfront
x-amz-version-id
BJuiRXzEDuPvx5DJrzw9i9fYCxgm3onG
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
2573
x-amz-cf-id
oKbElPNO_PHXuWi_rEZlrC8ECWBm3ltWbXtz98cuuoesWIMobCCAxw==
134909.jpg
dbq8hrmshvuto.cloudfront.net/6e9/71920/2f7e/49a0/8e82/b036efea297e/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/6e9/71920/2f7e/49a0/8e82/b036efea297e/thumb/134909.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:b400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72dcb6cb625e171517ba4fb891c6a5df69bb25e4cf98fdac7e1f9c5572a634f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 11:24:28 GMT
via
1.1 da7c369ddd47be9fe24a924ca2788c8f.cloudfront.net (CloudFront)
last-modified
Sat, 25 Jan 2020 02:34:24 GMT
server
AmazonS3
age
47795
etag
"7e5dd769e5496556791287b4684c5eee"
x-cache
Hit from cloudfront
x-amz-version-id
fpxBgEncgQtjlE_6dgZ9T6RyLktBSbdC
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
4204
x-amz-cf-id
alDCdNTXbJwq0gUauiSst6uqdtoO9TTrRo96FanWETdg5nxiqOc2uw==
285286.jpg
d16vsmxl4d5tw1.cloudfront.net/979/34f35/0c45/4e01/82fa/2d432fc6849b/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/979/34f35/0c45/4e01/82fa/2d432fc6849b/thumb/285286.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5afe540c92182fd4572eadf02dd03cc8271115f41fabb1fcff1867425985d48a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 22:08:16 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jun 2018 11:11:11 GMT
server
AmazonS3
age
9167
etag
"644972af4557a2333796edd32086018c"
x-cache
Hit from cloudfront
x-amz-version-id
HnD8C69L1dEMx6_sZVHGSD13drA8mx0L
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
3906
x-amz-cf-id
aJ6LhifiOuPghTlPeHVNrWlf4nUzyl2t5wv2YgMbYvg6kso4k6_cOQ==
80440.png
d16vsmxl4d5tw1.cloudfront.net/379/25ce9/929c/4ba2/819b/f903437fc84a/thumb/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/379/25ce9/929c/4ba2/819b/f903437fc84a/thumb/80440.png
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d9997c626bcef2e373a0c2c96ae97eed72f1a89ff26c70224f635917f58a9e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2019 17:31:28 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P2
etag
"0ab00fa0136b76e6974c52fde1179a97"
x-cache
Miss from cloudfront
x-amz-version-id
DTO7To2E4DDtPjKxo97Sd8zB0EDsOqUn
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/png
content-length
15267
x-amz-cf-id
8KQAHf89eosCSiBwZWMvjUo4HtkF6kjHtvUgn_0BSlGrBI4aErROQA==
296173.jpg
d16vsmxl4d5tw1.cloudfront.net/da6/cb0ef/7771/434a/9971/6b05c545a84e/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/da6/cb0ef/7771/434a/9971/6b05c545a84e/thumb/296173.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d52831c7deccb95bdb395e7568871f673fc341db02dba14bf407b2ca5dbf91a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Sun, 14 Oct 2018 06:20:22 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P2
etag
"635a275012e905e868771da1d4d7deb6"
x-cache
Miss from cloudfront
x-amz-version-id
90rAFRasuKZzLms.5ersbam0NrKHvU.U
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/jpeg
content-length
3678
x-amz-cf-id
j8LfLHa_25YWTmmSb3gyk4PSvKGlGGKTpX9jeY3eFk9_1SbW3oSQxw==
180446.jpg
d16vsmxl4d5tw1.cloudfront.net/ad9/f7e52/abe9/4e79/ad9b/066d98f4ab7c/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/ad9/f7e52/abe9/4e79/ad9b/066d98f4ab7c/thumb/180446.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8344ed8bfc89007d3d4bfa7dc668a84512a7ce67e5b9997b43818c0ce78ce31e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:33:43 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Sat, 14 Sep 2019 18:18:42 GMT
server
AmazonS3
age
440
etag
"14be48f28f5b89f4ce0a1c837ed9a6de"
x-cache
Hit from cloudfront
x-amz-version-id
Z2G_3qZg8l4Vcaf4__US1iSiGqnDKle6
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
3818
x-amz-cf-id
keKrPiygjPrQRwe9lWfRS6ReYP2qyW69esvw9RSaOGDDMVqbfMzXIg==
260160.jpg
d16vsmxl4d5tw1.cloudfront.net/e1a/4f75a/7ea6/4145/896f/1c0634b64dbf/thumb/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/e1a/4f75a/7ea6/4145/896f/1c0634b64dbf/thumb/260160.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
704b5fd701b82d8f4c92cf56d5c0b77fdf2c677d0457ec974a94aea9c699ab1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 21:59:30 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Thu, 23 Aug 2018 10:19:13 GMT
server
AmazonS3
age
9693
etag
"1b432c537035cc5d4fcc75522fbf27f4"
x-cache
Hit from cloudfront
x-amz-version-id
Q5WiC6MuBUzqSlMsDFF3ggWOmF5IrCyd
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
5418
x-amz-cf-id
UYkitD-mQH3-NeYeOyuIT49bvuLzUFjXLr5oO-bLwgdk8dZd9Dr-SQ==
31804.jpg
dbq8hrmshvuto.cloudfront.net/c3b/3ca1a/aefe/425e/9798/464c7d1ae469/thumb/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/c3b/3ca1a/aefe/425e/9798/464c7d1ae469/thumb/31804.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:b400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce127f2204d9af08d5a567cb98d1082ebba8281ea8ce629833b9dcc607bc8bfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 da7c369ddd47be9fe24a924ca2788c8f.cloudfront.net (CloudFront)
last-modified
Sun, 16 Feb 2020 20:13:42 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
etag
"c1762b7f489810125a85c8707dd0065d"
x-cache
Miss from cloudfront
x-amz-version-id
mAfYAz1ywXWKBJZDqB9daqHrK2XXH4By
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/jpeg
content-length
4982
x-amz-cf-id
LGPGVf7iHm9gM5vSyE6-qfrqb1LYbm5pvkxOIG4E939IVjIdNYMsVw==
163883.jpg
dbq8hrmshvuto.cloudfront.net/ecd/d85a6/9122/4f75/9e29/c2028e85dab2/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/ecd/d85a6/9122/4f75/9e29/c2028e85dab2/thumb/163883.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:b400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18c60715458a95298fdb9d8ac01255409a6e2aa2736175efdaebf255aa06c7e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 da7c369ddd47be9fe24a924ca2788c8f.cloudfront.net (CloudFront)
last-modified
Sun, 14 Jun 2020 21:56:03 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
etag
"7b93f029d80dc0b0a2e387a0e67f4415"
x-cache
Miss from cloudfront
x-amz-version-id
JRAog3tE9kyJXnMxzFGkU4KmOorGleIA
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/jpeg
content-length
4152
x-amz-cf-id
0aNLXtZFeqgXYgU9fidXnZYZaQOIUw0ZxjpkZUj758d5tTMdhFIeCg==
504179.jpg
d16vsmxl4d5tw1.cloudfront.net/d2f/4c4d0/d75f/41ea/a201/812e66d94ec2/thumb/ 		436 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/d2f/4c4d0/d75f/41ea/a201/812e66d94ec2/thumb/504179.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cf18d9627ce9c818c53e663222497e53246553d83a451bb92758c935b348386

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 22:34:04 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Tue, 15 Jan 2019 10:44:33 GMT
server
AmazonS3
age
7619
etag
"6a2a4beca8bf642ed07b254156d7f871"
x-cache
Hit from cloudfront
x-amz-version-id
UJ8VZvFAnl3gVWbEKpSeiQjtKti_UVJI
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
436
x-amz-cf-id
9yKeKgyYRCd3DFwzwrqXLEoQYOjkxVfrg83dY1uppi__UI53m0CMpg==
948053.png
d16vsmxl4d5tw1.cloudfront.net/749/9d9bc/b02c/48b4/b675/8e4cf0ce9a2d/thumb/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/749/9d9bc/b02c/48b4/b675/8e4cf0ce9a2d/thumb/948053.png
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a64c03a7a2f7fa21672864b9770432ea5cd14653b8eaeca9bf3ef4da74507cf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 02:37:35 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Sat, 29 Dec 2018 15:23:55 GMT
server
AmazonS3
age
79408
etag
"773ebaf08a1aa9a04cb660753b72bb74"
x-cache
Hit from cloudfront
x-amz-version-id
izq4UxQaqnAeA_wY8FUc6NgCBzBHipdr
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/png
content-length
13402
x-amz-cf-id
8XqyCrTscp8Y3hMX4Zl6CZru4ab7e9N287fNuoBIKYC99Fpmkr2XKw==
477224.jpg
d16vsmxl4d5tw1.cloudfront.net/9e2/5c0f8/9d3a/4a72/950e/e7fd5419c719/thumb/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/9e2/5c0f8/9d3a/4a72/950e/e7fd5419c719/thumb/477224.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a253c5cc75790e559cda76e8de21cac68fc7af7e93f3cd76ea1eca314f8d021

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:36:13 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Sat, 22 Dec 2018 07:30:58 GMT
server
AmazonS3
age
290
etag
"aea23c38bd1b22dfba4d0221f1f3ea87"
x-cache
Hit from cloudfront
x-amz-version-id
1sY7y8kjmhgpLGmmL0xzyUVsvcyoCGzE
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
5404
x-amz-cf-id
XGfHrf7ThgtjIqtIqtrB2I946W6Nmhj64PDowwoKWybF1KiY96hI7A==
46332.png
dbq8hrmshvuto.cloudfront.net/f65/21012/e736/4f99/b1af/ece726a37edf/thumb/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbq8hrmshvuto.cloudfront.net/f65/21012/e736/4f99/b1af/ece726a37edf/thumb/46332.png
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:b400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3649f57f6df23c7708eea467e4bfd0b1fe8c5e4860ba69e4f4b6d179c888d125

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 da7c369ddd47be9fe24a924ca2788c8f.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jun 2020 13:31:45 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
etag
"9eb8f623522b45dce0778dce82d3653c"
x-cache
Miss from cloudfront
x-amz-version-id
OAndfGAaeMXYgV62TgqZHFSFpm25uyeH
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-type
image/png
content-length
15914
x-amz-cf-id
Bep51W46WpUr57galz5diov_rFD1p-7ta0jUfJ8Jc_n8dOs7t49d1g==
165410.jpg
d16vsmxl4d5tw1.cloudfront.net/166/0803a/92d9/4fc0/9835/56614205aca4/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/166/0803a/92d9/4fc0/9835/56614205aca4/thumb/165410.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53d42d687e2602c5d8ab6a764e48c272dc48648a854cb5fe84ed092efa13dbbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 22:43:42 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jun 2018 16:26:01 GMT
server
AmazonS3
age
7040
etag
"785b891d56ad1ca010eebebddd0a2421"
x-cache
Hit from cloudfront
x-amz-version-id
jYIoI7xEACKQWHFhofFDC_62WBDG_V1W
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
4188
x-amz-cf-id
kJxWssZsB2wvnQ9qmY-DHUIweP7gUuZP3n_QK-BdbRPvI-umphDioQ==
249424.jpg
d16vsmxl4d5tw1.cloudfront.net/79c/48cfd/ce1d/4b83/b1bd/18a351008321/thumb/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/79c/48cfd/ce1d/4b83/b1bd/18a351008321/thumb/249424.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:3600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62cb548b1f90f78f37186ee658c37d108ff3eba8f19d56668b0fc01fb53e2579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:19:59 GMT
via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
last-modified
Sat, 21 Sep 2019 00:39:00 GMT
server
AmazonS3
age
1264
etag
"a8394e34feaccbb59896daad2533b92c"
x-cache
Hit from cloudfront
x-amz-version-id
2eM8QG5NQoTRombpCbz_fUbm_czZcrE9
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
3624
x-amz-cf-id
DsL_xt2VRpCz4mS8oS3QsrkyPWQDo3SGlyzu44s93xPBREzT2m039w==
fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:c200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Jul 2021 00:47:46 GMT
via
1.1 c64455167e397f58d6d4c8de3a78489c.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
5269996
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
17880
last-modified
Thu, 29 Apr 2021 05:41:49 GMT
server
Ask.FM Web Service
etag
"608a471d-45d8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
x-amz-cf-id
P6xq0zODEUY3r-NOgt6DtmZwKENUfUGVAkTWO7ukMOQoQhLZ2d04Jg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:c200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:48:00 GMT
via
1.1 c64455167e397f58d6d4c8de3a78489c.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
15983581
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
25400
last-modified
Wed, 06 Sep 2017 12:36:34 GMT
server
Ask.FM Web Service
etag
"59afebd2-6338"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
x-amz-cf-id
TaDG1JhaNR7ecd41Yv8txxoFq2X65HplWMO9n0xMSqbuw7FIZOUl8A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e1:c200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 00:02:51 GMT
via
1.1 c64455167e397f58d6d4c8de3a78489c.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
3717491
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
52204
last-modified
Wed, 02 Aug 2017 08:00:22 GMT
server
Ask.FM Web Service
etag
"59818696-cbec"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
x-amz-cf-id
oUasS1e0A9BFnufNn8ja1FzvF_U-11ApR8Uj0_WOAccCDZsykJazLw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:02 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
18557168
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9391.NM65Bs-3msUgJU-uiXjf7yD_8xZBr2y9KBTeGXYQFNyZZ602rEbjE7yaWrfUdpB6.7U0Ffw1PECbwOUvZYI3ivaKXAgM%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9391.Zo-KRg9SWL_yMuCCJBfiqtCbd7Z8CdybswGRPpnCYBL0b_bMU6x1BJYDQk5KpH5Rh1nf3yM72NIaOowA45wsNg%2C%2C.oA2cVtk4r22REC70R-F1tNB-Mqg%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9391.Zo-KRg9SWL_yMuCCJBfiqtCbd7Z8CdybswGRPpnCYBL0b_bMU6x1BJYDQk5KpH5Rh1nf3yM72NIaOowA45wsNg%2C%2C.oA2cVtk4r22REC70R-F1tNB-Mqg%2C
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9391.Zo-KRg9SWL_yMuCCJBfiqtCbd7Z8CdybswGRPpnCYBL0b_bMU6x1BJYDQk5KpH5Rh1nf3yM72NIaOowA45wsNg%2C%2C.oA2cVtk4r22REC70R-F1tNB-Mqg%2C
date
Fri, 10 Sep 2021 00:41:03 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
last-modified
Wed, 08 Sep 2021 16:07:49 GMT
etag
"61372b26-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 01:41:03 GMT
formats.js
ad.lkqd.net/vpaid/ Frame CE53 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1631234463.cds017.fr8.hn,1631234463.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 6116 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1631234463.cds017.fr8.hn,1631234463.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame 9460
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method
GET
:authority
a.vidoomy.com
:scheme
https
:path
/api/rtbserver/cookie?i=CEN&uid=no-consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-type
image/gif
content-length
43
content-encoding
none
set-cookie
vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzMzgyNjQ2M319fQ==; Path=/; Domain=vidoomy.com; Expires=Sat, 10 Sep 2022 00:41:03 GMT; Secure; SameSite=None
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Fri, 10 Sep 2021 00:41:02 GMT
server
AC1.1
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=87665474.071598751445641611.9769384
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=87665474.071598751445641611.9769384
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=fdbbf0d3-14c9-4e18-beb2-1f263514daae
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=181398446&expires=5&ssp=vidoomy
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=fdbbf0d3-14c9-4e18-beb2-1f263514daae
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=fdbbf0d3-14c9-4e18-beb2-1f263514daae
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=fdbbf0d3-14c9-4e18-beb2-1f263514daae
date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4250804550
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4250804550
  • https://sync.1rx.io/usersync/tradedesk/be919faa-1a75-4dee-97fe-3f0e168429c9
  • https://sync.targeting.unrulymedia.com/csync/RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-b002ce4b-af79-4b56-b8be-e87...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.22.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-22-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
date
Fri, 10 Sep 2021 00:41:03 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb002ce4baf794b56b8bee8737ddf4673003
content-type
text/html
auto-user-sync
ads.stickyadstv.com/ 		43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.113.157 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-113-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:03 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1631234463056011-402
Expires
Fri, 10 Sep 2021 00:41:03 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 02A7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631234463.cds017.fr8.hn,1631234463.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame CE53 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=5283213&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
eec78f13dd2101917e704385c6e70a7482c7d70244e2ed4198d5d066cb054851

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1355
usync.html
ad.lkqd.net/cookie-sync/ Frame 2A3D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631234463.cds017.fr8.hn,1631234463.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 6116 		180 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148643&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=62000795&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
cs
cs.lkqd.net/ Frame 02A7 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 02A7 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 02A7 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 02A7 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 02A7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
pragma
no-cache
date
Fri, 10 Sep 2021 00:41:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 2A3D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2A3D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2A3D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2A3D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2A3D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8416399120416374130
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8416399120416374130
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8416399120416374130
pragma
no-cache
date
Fri, 10 Sep 2021 00:41:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
1
mc.yandex.com/watch/48953915/
Redirect Chain
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A785%3Afu%3A0%3Aen%3Autf-8%3Al...
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A785%3Afu%3A0%3Aen%3Autf-8%3...
383 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A420019176269%3Ahid%3A511849672%3Az%3A0%3Ai%3A202109010004102%3Aet%3A1631234463%3Ac%3A1%3Arn%3A376985905%3Arqn%3A1%3Au%3A1631234463427757091%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631234461948%3Ads%3A20%2C296%2C151%2C1%2C0%2C0%2C%2C179%2C4%2C%2C%2C%2C731%3Adsn%3A20%2C295%2C152%2C1%2C0%2C0%2C%2C262%2C4%2C%2C%2C%2C731%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631234463%3At%3AAccount%20Suspended%20-%20Ask.fm
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f74eb001c8d539b13ad1ea7b5377fcbb80192d1dd0321657375dbb333c977408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 10-Sep-2021 00:41:03 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
383
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:03 GMT
last-modified
Fri, 10-Sep-2021 00:41:03 GMT
location
/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A420019176269%3Ahid%3A511849672%3Az%3A0%3Ai%3A202109010004102%3Aet%3A1631234463%3Ac%3A1%3Arn%3A376985905%3Arqn%3A1%3Au%3A1631234463427757091%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631234461948%3Ads%3A20%2C296%2C151%2C1%2C0%2C0%2C%2C179%2C4%2C%2C%2C%2C731%3Adsn%3A20%2C295%2C152%2C1%2C0%2C0%2C%2C262%2C4%2C%2C%2C%2C731%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631234463%3At%3AAccount%20Suspended%20-%20Ask.fm
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:03 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:03 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 13EE 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:03 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 3355 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame A43B 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631234463.cds017.fr8.hn,1631234463.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e7b929f46fddf638bb3adbc002956675d5f00f3f2726e2cc3722444d51a19fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GDYnbHz0VF14Rj3kLoRY5Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
RfGK3joJoenpwyRwGfUai+yiHW64yll9eD7Pkv5g20hFbGhXCaD8/aevFa3u5CWqorATkH+LmuSUK4ld+lja2w==
x-fb-trip-id
2050670934
x-fb-content-md5
22fab70647af38754c95e4bbe48892c1
x-frame-options
DENY
date
Fri, 10 Sep 2021 00:41:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7df9df8b0a485ec7b7d6b5e2e049f1bd"
timing-allow-origin
*
expires
Fri, 10 Sep 2021 01:00:11 GMT
gtm.js
www.googletagmanager.com/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:81a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60068a3e0907fab4470c9fe988f9a78709119c390304135a667be98fd4633464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36531
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 00:41:03 GMT
3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
cmp.optad360.io/items/ 		2 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:fc00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:08:25 GMT
via
1.1 95a1a2515bcfe82199fde4e864c4e6f1.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 09:49:58 GMT
server
AmazonS3
age
1960
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
CDG3-C2
accept-ranges
bytes
content-length
2
x-amz-cf-id
QAiGzaFtkXdYvkBQd0jH657O6ZDX73qha0DKXkulOarUWxcxNUZrQA==
plugin.min.js
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 		275 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2113:da00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f241f634c67fb384bc28e2ad5bd96f4879ff34bc1e8865bb6f2393125c5ef70f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:00:33 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 16:12:10 GMT
server
AmazonS3
age
2431
etag
W/"f218ca27c0278f5ff55a841b20817a44"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9d2c93ece5a5ccb2b5952a40f7502a04.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
dCumtquGHP4KWhCx1oEcL5UnDTc_PYduMJoX_oIwsCbbeoUuoo5loA==
html.js
viadata.store/slider/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viadata.store/slider/html.js?sid=102415
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
13d8ecf1aacb252e42e56c88686dc72abf67f4cad939814df512e5190bc8512c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
v2whcc2nX0pKH_s3B3u_wx0iqTME-a9BS9ZYL887F2Ay03RU0FAo2nlLxy-UkiuTao_FI4T65Yih1IG_5yw
colossalcoat.com/ 		216 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2whcc2nX0pKH_s3B3u_wx0iqTME-a9BS9ZYL887F2Ay03RU0FAo2nlLxy-UkiuTao_FI4T65Yih1IG_5yw
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
13c8ca362a71bc10a20c6272ffacaa1143e7ee6367647a0bd6998c583e7b96a7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 10 Sep 2021 00:41:03 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
c984a0b3
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Fri, 10 Sep 2021 00:41:02 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 501C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631234463.cds017.fr8.hn,1631234463.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame A43B 		64 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=5283213&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
4f690afa12a3d3a49c9a66dd294323218f74ccde4151fb2392f4a89e2432a29f

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4556
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=5283213&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:03 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cs
cs.lkqd.net/ Frame 501C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 501C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 501C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 501C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 501C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
pragma
no-cache
date
Fri, 10 Sep 2021 00:41:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
v2gcs5o6Y2LiakbkGhCB1N83--n1YzTQ5gCtWpgJJ3WIjO9CFRzNkirS8hfmEr9ocpGu7LeHtQ-zK3h35eA
colossalcoat.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossalcoat.com/v2gcs5o6Y2LiakbkGhCB1N83--n1YzTQ5gCtWpgJJ3WIjO9CFRzNkirS8hfmEr9ocpGu7LeHtQ-zK3h35eA
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 10 Sep 2021 00:41:03 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
x-hostname
c984a0b3
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
sdk.js
connect.facebook.net/en_US/ 		222 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a737d93be48089c8cf90293662eef6e0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef373639b1a3dac8d655588f454c17291e5883579a99b35190204864f4f0189c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
s5LmdvY4QK2TBHxBTJCPiw==
cross-origin-resource-policy
cross-origin
expires
Sat, 10 Sep 2022 00:07:25 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66825
x-fb-rlafr
0
x-fb-debug
6U/hEEvFvFZNGejz9zbpSHIKs5pu1aDmTEGIx2BiH2adOVsK4DYR6x+SY//TpVK9hkBzkl8eG1pHt8+TutmhLA==
x-fb-trip-id
686109401
x-fb-content-md5
65ad7a8b0f5daabd6e43e464fc203986
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 10 Sep 2021 00:41:03 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"a500d142530429f40523c3c432c40d41"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1410
date
Fri, 10 Sep 2021 00:17:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 02:17:33 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fspadebook33&rl=&if=false&ts=1631234463625&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 10 Sep 2021 00:41:03 GMT
t
t.lkqd.net/ Frame E483 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:03 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
collect
www.google-analytics.com/j/ 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1453788442&t=pageview&_s=1&dl=https%3A%2F%2Fask.fm%2Fspadebook33&ul=en-us&de=UTF-8&dt=Account%20Suspended%20-%20Ask.fm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1200684381&gjid=132829486&cid=1785975214.1631234464&tid=UA-12308109-15&_gid=837632158.1631234464&_r=1&gtm=2wg910NDJVZHZ&z=767612911
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-12308109-15&cid=1785975214.1631234464&jid=1200684381&gjid=132829486&_gid=837632158.1631234464&_u=YEBAAEAAAAAAAC~&z=1906759779
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 10 Sep 2021 00:41:03 GMT
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid4.39.0.js
get.optad360.io/sf/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid4.39.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2113:da00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 00:55:25 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 10:44:35 GMT
server
AmazonS3
age
6306339
etag
W/"e020700f5effdce1f4be56434553da72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9d2c93ece5a5ccb2b5952a40f7502a04.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
CDG3-C1
x-amz-cf-id
-WlmxIBSlFHsgoGE1HgPW89HvXp4UF6zH-KLOssTfIFdhb_NcJ0TpA==
/
adx.adform.net/adx/ 		65 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,,
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjJjYmJlZjItYjRlOS02ZDM2LTU2MWEtZDc5MGZlOTFkZDZj
0
0
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=442198985&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888207423468%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:04 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000263
X-SpotX-Timing-SpotMarket
0.009114
X-SpotX-Timing-Page-Mux
0.000851
X-SpotX-Timing-Page-Require
0.000293
X-fe
023
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
Content-Length
77
X-SpotX-Timing-Page
0.013294
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000290
Last-Modified
Fri, 10 Sep 2021 00:41:04 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009114
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.002446
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
adx.adform.net/adx/ 		65 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Fspadebook33&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1543302188&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=780480543&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=991456658&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
vadtag.html
vpaid.pubmatic.com/ads/video/ 		990 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fspadebook33&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20268939301771083074143345888%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c021026b21c068ec735ea2490b26866537cb0203fc5b031998d08e47fb94f203

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b82218517c94"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
610
expires
Fri, 10 Sep 2021 00:41:04 GMT
hls.js
cdn.viadata.store/static/js/ 		235 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/static/js/hls.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.115.92 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 14:39:05 GMT
server
nginx/1.17.6
etag
W/"5ffdb489-3ab3e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
code.js
viadata.store/tag/ 		30 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viadata.store/tag/code.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
public
content-type
application/javascript
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
expires
Sat, 11 Sep 2021 00:41:03 GMT
site
logs.viadata.store/req/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/req/site?sid=102415&cid=0&uid=c2acdbca-6d63-4dcc-bef8-e53f751fb959&event=playerLoaded&cb=1631234463947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 00:41:04 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1368
date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210910
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f217209876e61d74a3304e84b36ac1fe67d5c617bb325bc97f3979c883eb4d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
33244
x-jsd-version
1.0.1095
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
952
etag
W/"6a2-ksr0kWxxQtAsEj12/+/ZDGZX6uc"
x-served-by
cache-fra19128-FRA, cache-mxp6958-MXP
x-jsd-version-type
version
date
Fri, 10 Sep 2021 00:41:04 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Sep 2021 12:35:55 GMT
server
cloudflare
age
43490
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
68c49bc83fca0d6b-VIE
x-amz-request-id
TD3DS9YZ8440AKDY
x-amz-id-2
M2Q7mY6rdpzXw/sL0fa+n0BFIJ9kCQCZ5Pu3Nfv1fXbLplIOJnLEBWCmKKKxSvug0l8dkcZHDP0=
expires
Fri, 10 Sep 2021 01:11:04 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=_Ehe8HxPa2tkbXJsR3pKTnNjNUlvY2h2SG94d2hLV1REUitMWGsrUGZnTW1scGRuOXYrbXg1VUsrblFzYnVwNDlqc2lpY0pyREVJeDI5WU80WlgwcW9YbHJwdGJIZFVaWkpndlcwaWZtLy93dU9LYUttNlJjTWd5SUJBUm...
315 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_Ehe8HxPa2tkbXJsR3pKTnNjNUlvY2h2SG94d2hLV1REUitMWGsrUGZnTW1scGRuOXYrbXg1VUsrblFzYnVwNDlqc2lpY0pyREVJeDI5WU80WlgwcW9YbHJwdGJIZFVaWkpndlcwaWZtLy93dU9LYUttNlJjTWd5SUJBUmc1dUxqMUtacEdSR0lLR1NaQzI4dHNLemI0VFRLWXRyakJnNmgzTXdHVXBaOG9LUWM4MmR5V0dFSXJUU1JubG9pQUo3dUdlVU9YVGdLMjlhWWNyd3R3ZTR2WVpRc21OMVc1b01sMzdXelUyRXlqVHFoUjdVPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
dec65ae20813f5625ebf8ea27d5d111bc467dfe026382180f3c71e373bfad0b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 10 Sep 2021 00:41:03 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2128
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 10 Sep 2021 00:41:03 GMT
location
https://mug.criteo.com/sid?cpp=_Ehe8HxPa2tkbXJsR3pKTnNjNUlvY2h2SG94d2hLV1REUitMWGsrUGZnTW1scGRuOXYrbXg1VUsrblFzYnVwNDlqc2lpY0pyREVJeDI5WU80WlgwcW9YbHJwdGJIZFVaWkpndlcwaWZtLy93dU9LYUttNlJjTWd5SUJBUmc1dUxqMUtacEdSR0lLR1NaQzI4dHNLemI0VFRLWXRyakJnNmgzTXdHVXBaOG9LUWM4MmR5V0dFSXJUU1JubG9pQUo3dUdlVU9YVGdLMjlhWWNyd3R3ZTR2WVpRc21OMVc1b01sMzdXelUyRXlqVHFoUjdVPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4185
content-length
482
expires
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
27775f7a06cebb0e5a8e6e3ea7d38b28b6387605145af0dc1ace0a96493fd5a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:04 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
836c46be-2c4b-48cb-ae58-4ed5625602b6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		0
0
v1
prg.smartadserver.com/prebid/ 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
215e2b4701a87a55009174d5c4ef468509d3a8031ea80c161444e2a80b5e5ba0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b18%3b75
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
c
prebid.a-mo.net/a/ 		861 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
9ce3c4d55c55b23a838e9f252ab8adc47c3dcfdd10564d72b21022be10449978

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
132
content-length
355
prebid
ib.adnxs.com/ut/v3/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d70fab24817458d426ab9788b936599f7dbbd26a550c45f6e97a8179554742cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Sep 2021 00:41:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ce2df028-5eaf-4552-9fc7-2894e9f03fe8
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apacdex
useast.quantumdex.io/auction/ 		0
0
cygnus
htlb.casalemedia.com/ 		25 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213a97be2f0df474%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fspadebook33%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221422c915ba0f85b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221422c915ba0f85b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221422c915ba0f85b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.120.60.249 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-120-60-249.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3abbe3ba6aa549ad35dacfab1732c3ec1c662909a6d6449e7e965db74ac4cce2

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.19], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ask.fm
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 10 Sep 2021 00:41:04 GMT
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ask.fm
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
adx.adform.net/adx/ 		5 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTQzMjEyMGM1LTE4NjQtNGMwMi04Yzg3LTFjMjM1NDVhZTNkYSZyY3VyPVBMTg%3D%3D&pt=gross&stid=2509bb20-592b-4f5c-9e3e-25d1281483c6&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
210830.js
cdn.viadata.store/js/player/ Frame 57AE 		180 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/js/player/210830.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.115.92 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
a8d9b7d4230d33c693d11ebca3f0a5caaa527ba7718cf6fc761dd14b595bb84c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
last-modified
Fri, 03 Sep 2021 13:15:02 GMT
server
nginx/1.17.6
etag
W/"61321fd6-2cf94"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
43439
x-amz-request-id
4EJZWQSPYJN0KPZG
x-amz-id-2
YC9klwmqqfwQDVFSMHtow4Ja5sHZlojW2QWsGiGTWvJc04JtRiK3mdot7Og40EhxdWPEzb01nLQ=
last-modified
Thu, 09 Sep 2021 12:35:54 GMT
server
cloudflare
etag
W/"80a6d470c029b1acfca7d8abeb00b240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
68c49bc89e930f9a-VIE
expires
Fri, 10 Sep 2021 01:11:04 GMT
av
vidoomy-d.openx.net/v/1.0/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,,
48 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 google
server
OXGW/16.215.0
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
content-length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_Ehe8HxPa2tkbXJsR3pKTnNjNUlvY2h2SG94d2hLV1REUitMWGsrUGZnTW1scGRuOXYrbXg1VUsrblFzYnVwNDlqc2lpY0pyREVJeDI5WU80WlgwcW9YbHJwdGJIZFVaWkpndlcwaWZtLy93dU9LYUttNlJjTWd5SUJBUmc1dUxqMUtacEdSR0lLR1NaQzI4dHNLemI0VFRLWXRyakJnNmgzTXdHVXBaOG9LUWM4MmR5V0dFSXJUU1JubG9pQUo3dUdlVU9YVGdLMjlhWWNyd3R3ZTR2WVpRc21OMVc1b01sMzdXelUyRXlqVHFoUjdVPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1977
date
Fri, 10 Sep 2021 00:41:03 GMT
content-encoding
gzip
vary
Accept-Encoding
promo.m3u8
cdn.viadata.store/media/ 		413 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/media/promo.m3u8
Requested by
Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.115.92 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
78311911d14b21b090d929eaf97df372e3bf1c3d94109a39d017acb54e478265

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
last-modified
Wed, 13 Jan 2021 10:13:55 GMT
server
nginx/1.17.6
etag
"5ffec7e3-19d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
413
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
viads-player-logo-50.png
cdn.viadata.store/static/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viadata.store/static/viads-player-logo-50.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.115.92 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
last-modified
Wed, 26 Feb 2020 10:23:58 GMT
server
nginx/1.17.6
etag
"5e56473e-26d1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
9937
/
pl.viadata.store/export/102415/ Frame 57AE 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pl.viadata.store/export/102415/?secured=1&language=en&page_url=https%3A%2F%2Fask.fm%2Fspadebook33&pub_sid=102415&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=ask.fm&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=464332&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=1&cb=1631234464375
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
9e4cf8184a53a511f692ffa16b3907b732abbc7aebe73ea0cf5bb6011595a546

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
br
server
nginx/1.19.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
access-control-allow-headers
sentry-trace
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame E483 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame BE33 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fspadebook33&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20268939301771083074143345888%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1452 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fspadebook33&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20268939301771083074143345888%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=119653
expires
Sat, 11 Sep 2021 09:55:17 GMT
date
Fri, 10 Sep 2021 00:41:04 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame BE33 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fspadebook33&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20268939301771083074143345888%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=119653
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Sat, 11 Sep 2021 09:55:17 GMT
t
t.lkqd.net/ Frame E483 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
PugMaster
image6.pubmatic.com/AdServer/ Frame 1452 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86965808&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e83c114ccaf1c9f0870c4932e61054bdc28779e912a91923bbcb6cb70112910e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 660D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=99B50716-645B-4619-885E-FF6900806EF8
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99B50716-645B-4619-885E-FF6900806EF8
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99B50716-645B-4619-885E-FF6900806EF8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=99B50716-645B-4619-885E-FF6900806EF8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=848437375888688714; expires=Tue, 09 Nov 2021 00:41:04 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 10 Sep 2021 00:41:04 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=99B50716-645B-4619-885E-FF6900806EF8
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sun, 10 Oct 2021 00:41:04 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame F54D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9109962894328357128
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9109962894328357128
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9109962894328357128
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1632441600%3A234_204_189_231_56_99_176_21_3_8_55_165_88_7_81_230_161_22_166_220_71_222_13_54%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1631836800%3A223_15_2; KRTBCOOKIE_57=22776-8753280251054543738; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&16514-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&23025-CAESENTIr-0_0qIBssK1GrxVwuA; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_409=22966-mP6c8yWZTjRovg8LPKj3XdLp; KRTBCOOKIE_153=19420-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR&KRTB&22979-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR; KRTBCOOKIE_1101=23040-7006098674996082839; PugT=1631234464; KRTBCOOKIE_22=14911-8632571902530157938; KRTBCOOKIE_377=6810-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&22918-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&23031-be919faa-1a75-4dee-97fe-3f0e168429c9; KRTBCOOKIE_27=16735-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&16736-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23019-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23114-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2; SPugT=1631234463; KRTBCOOKIE_391=22924-5802539667209419446&KRTB&23263-5802539667209419446
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-9109962894328357128; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 00:41:03 GMT; path=/ PugT=1631234463; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 00:41:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:03 GMT; path=/
x-lat
amspug018:0:394
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9109962894328357128
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame B4CC 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Fri, 10 Sep 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
548856
Pug
simage2.pubmatic.com/AdServer/ Frame 8AE5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006098674996082839
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006098674996082839
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006098674996082839
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1632441600%3A234_204_189_231_56_99_176_21_3_8_55_165_88_7_81_230_161_22_166_220_71_222_13_54%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1631836800%3A223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7006098674996082839; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 00:41:04 GMT; path=/ PugT=1631234464; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 00:41:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:04 GMT; path=/
x-lat
lhrpug009:0:389
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:04 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7006098674996082839; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7006098674996082839
redir
rtb-csync.smartadserver.com/ Frame FD83
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdE4wN0NkVk1BQUJSRXpMbXE4QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABtN07CdVMAABREzLmq8A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABtN07CdVMAABREzLmq8A&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABtN07CdVMAABREzLmq8A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABtN07CdVMAABREzLmq8A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Cookie
pbw=%24b%3d16890%3b%24o%3d11100; vs=259837=4570601; TestIfCookie=ok; TestIfCookieP=ok; sasd2=q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=1881784456&lo=-721590141&lt=637668384640425470&o=1; sasd=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0; Trk0=Value=1438277&Creation=10%2f09%2f2021+02%3a41%3a05
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABtN07CdVMAABREzLmq8A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 7E82
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1632441600%3A234_204_189_231_56_99_176_21_3_8_55_165_88_7_81_230_161_22_166_220_71_222_13_54%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1631836800%3A223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug011:2:267
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=edb43742-023c-4069-b7b1-845d0fcbff28; path=/; domain=csync.loopme.me; Expires=Sun, 10-Oct-2021 00:41:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Fri, 10 Sep 2021 00:41:04 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 49D9
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&rndcb=2398106540
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adconductor
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1871597498117090967&expires=30&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/fdbbf0d3-14c9-4e18-beb2-1f263514daae?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
42 B
271 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1632441600%3A234_204_189_231_56_99_176_21_3_8_55_165_88_7_81_230_161_22_166_220_71_222_13_54%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1631836800%3A223_15_2; KRTBCOOKIE_57=22776-8753280251054543738; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&16514-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&23025-CAESENTIr-0_0qIBssK1GrxVwuA; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_409=22966-mP6c8yWZTjRovg8LPKj3XdLp; KRTBCOOKIE_153=19420-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR&KRTB&22979-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR; KRTBCOOKIE_1101=23040-7006098674996082839; PugT=1631234464; KRTBCOOKIE_22=14911-8632571902530157938; KRTBCOOKIE_377=6810-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&22918-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&23031-be919faa-1a75-4dee-97fe-3f0e168429c9; KRTBCOOKIE_27=16735-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&16736-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23019-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23114-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2; SPugT=1631234463; KRTBCOOKIE_391=22924-5802539667209419446&KRTB&23263-5802539667209419446
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&KRTB&17107-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:04 GMT; path=/ PugT=1631234464; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 00:41:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:04 GMT; path=/
x-lat
lhrpug005:0:479
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003%22%7D; path=/; expires=Sat, 10 Sep 2022 00:41:04 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
etag
RXb002ce4baf794b56b8bee8737ddf4673003
bridge
cm.adgrx.com/ Frame DCAA 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 10 Sep 2021 00:41:04 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame 5107
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mP6c8yWZTjRovg8LPKj3XdLp
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mP6c8yWZTjRovg8LPKj3XdLp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mP6c8yWZTjRovg8LPKj3XdLp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1632441600%3A234_204_189_231_56_99_176_21_3_8_55_165_88_7_81_230_161_22_166_220_71_222_13_54%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1631836800%3A223_15_2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-mP6c8yWZTjRovg8LPKj3XdLp; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 00:41:04 GMT; path=/ PugT=1631234464; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 00:41:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:04 GMT; path=/
x-lat
amspug020:0:414
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 10 Sep 2021 00:41:04 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=mP6c8yWZTjRovg8LPKj3XdLp; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mP6c8yWZTjRovg8LPKj3XdLp
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame E27F 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c49bcc48f739e1-CDG
i.match
s.tribalfusion.com/z/ Frame 3016
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
440 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aOnoeUSyZaRVRT8vtRLPcoXW8mrMGuUVUowBrMKxZd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aVns6EpyXagbqiVREF6qfLZdtMyB8G0j4Jp6sd4Jd1636nEvAZa2XcOWJAvu6E4Zc6JHfdtZbpKH30jT79wZbfOVr; path=/; domain=.tribalfusion.com; expires=Thu, 09-Dec-2021 00:41:04 GMT; SameSite=None; Secure; ANON_ID_old=aVns6EpyXagbqiVREF6qfLZdtMyB8G0j4Jp6sd4Jd1636nEvAZa2XcOWJAvu6E4Zc6JHfdtZbpKH30jT79wZbfOVr; path=/; domain=.tribalfusion.com; expires=Thu, 09-Dec-2021 00:41:04 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c49bcd9f360fa2-VIE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
215
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aOnoeUSyZaRVRT8vtRLPcoXW8mrMGuUVUowBrMKxZd; path=/; domain=.tribalfusion.com; expires=Thu, 09-Dec-2021 00:41:04 GMT; SameSite=None; Secure; ANON_ID_old=aOnoeUSyZaRVRT8vtRLPcoXW8mrMGuUVUowBrMKxZd; path=/; domain=.tribalfusion.com; expires=Thu, 09-Dec-2021 00:41:04 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c49bcc4ddb0fa2-VIE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 97A6
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=222df056-1e86-4e45-92cb-a33e42b109cf-tuct8342f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=222df056-1e86-4e45-92cb-a33e42b109cf-tuct8342f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=222df056-1e86-4e45-92cb-a33e42b109cf-tuct8342f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=222df056-1e86-4e45-92cb-a33e42b109cf-tuct8342f20
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 varnish
x-served-by
cache-hhn4058-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1631234465.754835,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=222df056-1e86-4e45-92cb-a33e42b109cf-tuct8342f20;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 10-Sep-2022 00:41:04 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=222df056-1e86-4e45-92cb-a33e42b109cf-tuct8342f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 varnish
x-served-by
cache-mxp6970-MXP
x-cache
MISS
x-cache-hits
0
x-timer
S1631234465.688053,VS0,VE17
x-vcl-time-ms
17
content-length
0
141
match.deepintent.com/usersync/ Frame 6725 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 10 Sep 2021 00:41:04 GMT
server
a
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1452
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mbUHFmRbRhmIXv9pAIBu-A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=22104
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Fri, 10 Sep 2021 06:49:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c3a1613a-a9a0-4400-901c-beee312d150c
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c3a1613a-a9a0-4400-901c-beee312d150c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 10 Sep 2021 00:41:04 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c3a1613a-a9a0-4400-901c-beee312d150c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 10 Sep 2021 00:41:03 GMT
/
pixel.onaudience.com/ Frame 1452
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=99B50716-645B-4619-885E-FF6900806EF8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=be919faa-1a75-4dee-97fe-3f0e168429c9&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=40956236ede3ea41e75673ce27359298
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTlCNTA3MTYtNjQ1Qi00NjE5LTg4NUUtRkY2OTAwODA2RUY4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:368
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENTIr-0_0qIBssK1GrxVwuA&google_cver=1
42 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENTIr-0_0qIBssK1GrxVwuA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:407
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENTIr-0_0qIBssK1GrxVwuA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1452 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 09 Sep 2021 00:41:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5802539667209419446
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5802539667209419446
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:445
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5802539667209419446
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:406
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 10 Sep 2021 00:41:04 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 10 Sep 2021 00:41:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=be919faa-1a75-4dee-97fe-3f0e168429c9
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=be919faa-1a75-4dee-97fe-3f0e168429c9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:379
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=be919faa-1a75-4dee-97fe-3f0e168429c9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8753280251054543738&gdpr=0&gdpr_consent=
42 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8753280251054543738&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:412
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:04 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
40c62824-bcb6-4569-9ad4-a689cbfb55cc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8753280251054543738&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=99B50716-645B-4619-885E-FF6900806EF8&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2QhM9SlE2uXevawqPSzVPuVyUmhhJ1Y-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2QhM9SlE2uXevawqPSzVPuVyUmhhJ1Y-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 10 Sep 2021 00:41:04 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2QhM9SlE2uXevawqPSzVPuVyUmhhJ1Y-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
99B50716-645B-4619-885E-FF6900806EF8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1452 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/99B50716-645B-4619-885E-FF6900806EF8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR
42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:462
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2460156151415142363&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fdbbf0d3-14c9-4e18-beb2-1f263514daae&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fdbbf0d3-14c9-4e18-beb2-1f263514daae&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:386
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fdbbf0d3-14c9-4e18-beb2-1f263514daae&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTqpoAAAVIlJPAAT&gdpr=0&gdpr_consent=&_test=YTqpoAAAVIlJPAAT
1 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTqpoAAAVIlJPAAT&gdpr=0&gdpr_consent=&_test=YTqpoAAAVIlJPAAT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:449
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631234465.798890,VS0,VE0
x-served-by
cache-cdg20732-CDG
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YTqpoAAAVIlJPAAT&gdpr=0&gdpr_consent=&_test=YTqpoAAAVIlJPAAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8632571902530157938&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8632571902530157938&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:298
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8632571902530157938&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1452 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=99B50716-645B-4619-885E-FF6900806EF8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:361
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:03 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 1452 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8753280251054543738
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8753280251054543738
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:334
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:04 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8b9ecc3a-ef15-481c-a4e5-881c3e8c0b5f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8753280251054543738
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1452
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_41fcf18c-4708-488e-894a-d8c42b5365c8
42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_41fcf18c-4708-488e-894a-d8c42b5365c8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:491
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_41fcf18c-4708-488e-894a-d8c42b5365c8
date
Fri, 10 Sep 2021 00:41:04 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
de-DE
bid
clientside-video-bidder.rutarget.ru/ Frame 57AE 		27 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Fask.fm%2Fspadebook33&request_id=1234464821&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.152 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr7.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin
https://ask.fm
Rutarget-SameSite-Cookie
true
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
cs
rtb-msk-2.viadata.store/vast/ Frame 57AE 		71 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-msk-2.viadata.store/vast/cs?zone=102415&w=432&h=243&site=https%3A%2F%2Fask.fm%2Fspadebook33&vp=2&cbb=1234464824
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 57AE 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222536&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=1234464825&tail256=https%3A%2F%2Fask.fm%2F
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.39 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
45d16e2150b963fe5a16969a2326ec15144964742430a85938ceaa833f0d8aaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:04 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://ask.fm
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/vast/ Frame 57AE 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=ask.fm&cbb=1234464826
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e4edb4e0f2e8073b70bc48439796d4d5e5ea39ee130ad94463c13b0f356ffe83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
vast
moevideo.biz/ Frame 57AE 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/vast?ref=viads-ask.fm&impressionAfterPaid=1&es=1&vl=1&mvis=1&referrer=https%3A%2F%2Fask.fm%2Fspadebook33&cbb=1234464826
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
6cb73a9f3984133a1b10d788ef4ad389be140c6bb03e74bf9edca176299890a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Content-Encoding
gzip
X-Mv-Embed-Version
1373
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.088
Pragma
no-cache
Last-Modified
Fri, 10 Sep 2021 00:41:05 GMT
Server
nginx
X-My-Name
s31
Access-Control-Allow-Methods
GET, POST
Content-Type
application/xml
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
X-Mv-TryCache
0
X-My-App-Time
0.001
Access-Control-Allow-Headers
Content-Type, Accept
Expires
Thu, 19 Feb 1998 13:24:18 GMT
viads-vast
adx.com.ru/ Frame 57AE
Redirect Chain
  • https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fask.fm%2Fspadebook33&uid=c2acdbca-6d63-4dcc-bef8-e53f751fb959&cbb=1234464826
  • https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Fspadebook33&rolltype=content-roll&uid=c2acdbca-6d63-4dcc-bef8-e53f751fb959&vpaid=false
0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Fspadebook33&rolltype=content-roll&uid=c2acdbca-6d63-4dcc-bef8-e53f751fb959&vpaid=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.34.131.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.130.131.34.188.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
server
nginx/1.18.0
p3p
CP="adx.com.ru does not have a P3P policy"

Redirect headers

date
Fri, 10 Sep 2021 00:41:04 GMT
server
nginx/1.18.0
access-control-allow-origin
https://ask.fm
p3p
CP="adx.com.ru does not have a P3P policy"
location
/viads-vast?confirm=1&referer=https%3A%2F%2Fask.fm%2Fspadebook33&rolltype=content-roll&uid=c2acdbca-6d63-4dcc-bef8-e53f751fb959&vpaid=false
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
content-length
238
ad_request
ads.aralego.com/ Frame 57AE 		0
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=ask.fm&ver=UCX_WEB-20200113&adid=ad-8A29B9A43D442E8EFEE379B36E7ED89&atype=2&u=https%3A%2F%2Fask.fm%2Fspadebook33&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=1234464826
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
X-Width
432
X-Height
243
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://ask.fm
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-Adtype
vast
Connection
close
i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame 57AE
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=c2acdbca-6d63-4dcc-bef8-e53f751fb959&i=1631234464
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=c2acdbca-6d63-4dcc-bef8-e53f751fb959&i=1631234464
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=c2acdbca-6d63-4dcc-bef8-e53f751fb959&i=1631234464
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
7
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=c2acdbca-6d63-4dcc-bef8-e53f751fb959&i=1631234464
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
sync
rtb-msk-2.viadata.store/tools/ Frame 57AE
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
  • https://rtb-msk-2.viadata.store/tools/sync?dsp=30&uid=2460156151415142363
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-msk-2.viadata.store/tools/sync?dsp=30&uid=2460156151415142363
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 00:41:05 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://rtb-msk-2.viadata.store/tools/sync?dsp=30&uid=2460156151415142363
date
Fri, 10 Sep 2021 00:41:04 GMT
server
nginx
content-length
0
content-type
text/plain
partner
sync.search.spotxchange.com/ Frame 57AE 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=273596&uid=c2acdbca-6d63-4dcc-bef8-e53f751fb959
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:04 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
143
Connection
keep-alive
Content-Length
43
dsp
logs.viadata.store/event/ Frame 57AE 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1631234464827&tids=2107,2110,2106,2552,4760,2111,2555,2109,7323,7378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 00:41:04 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame BE33 		27 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fspadebook33&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20268939301771083074143345888%2C%2C&us_privacy=&cb=1631234464467&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fspadebook33&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fspadebook33&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-10%200:41:4&ranreq=0.5849485640957599&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Fspadebook33&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20268939301771083074143345888%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 36A9 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:d9::58dd:3012 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
96bf34be96152a1e9b30121f463904332e2ee264399170c25749b5ba8a562443

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Sep 2021 13:05:57 GMT
Server
AkamaiNetStorage
ETag
"88d30f421fe92800cd38b52870556b28:1631106480.782098"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10406
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame AAB6 		531 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22453563092062709631%22%2c%22adomain%22%3a%22betway.de%22%2c%22page%22%3a%221438277%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%22409_19636%22%2c%22dsp%22%3a%2231%22%2c%22buyer%22%3a%22137327%22%2c%22cid%22%3a%221347%22%2c%22adid%22%3a%22409_19636%22%2c%22hash%22%3a%22-3175275454855945423%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:d9::58dd:3049 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Host
apps.sascdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
Content-Length
531
Date
Fri, 10 Sep 2021 00:41:05 GMT
Connection
keep-alive
Cookie set /
eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dx... Frame 163E
Redirect Chain
  • https://eu.sportradarserving.com/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85...
  • https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7V...
13 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.205.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-205-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
eb1d5511ef604362f28c28f05823cb1c8faa5198907793f1a5d1b0195310557e

Request headers

Host
eu.sportradarserving.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
zuuid=d96529e4-0670-4342-a8bb-9b602b67ced8; c=1631234465; zuuid_lu=1631234465
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Sep 2021 00:41:05 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
zuuid=d96529e4-0670-4342-a8bb-9b602b67ced8; path=/; expires=Sat, 10-Sep-2022 00:41:05 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1631234465; path=/; expires=Sat, 10-Sep-2022 00:41:05 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k=1; path=/; expires=Sat, 10-Sep-2022 00:41:05 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k_lu=1631234465; path=/; expires=Sat, 10-Sep-2022 00:41:05 GMT; domain=sportradarserving.com; samesite=none; secure pvc2=prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9,ojE4Xe9--p0e6jWuZ3FXug,KVFBbOCyxcmhBVvRmxkpcw,WPmWukykxPIP5dHUIZplhg,KVFBbOCyxcmhBVvRmxkpcw,kvHnb6J8Cc4FRKr7knZHXg,KVFBbOCyxcmhBVvRmxkpcw,pEAUKGC6nhT7wCnM4wpMfQ,KVFBbOCyxcmhBVvRmxkpcw,U6jq-n_6rENBinJDVjKfvw,KVFBbOCyxcmhBVvRmxkpcw,iRFxMMc6WnFCJdw8MWRx4Q,KVFBbOCyxcmhBVvRmxkpcw,GC2YtHodDZYicqOLK8mnyQ,KVFBbOCyxcmhBVvRmxkpcw,MNjmGSind2a1B1A5UtXktg,KVFBbOCyxcmhBVvRmxkpcw; path=/; expires=Sat, 10-Sep-2022 00:41:05 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length
4853
Connection
keep-alive

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Date
Fri, 10 Sep 2021 00:41:05 GMT
Location
https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
zuuid=d96529e4-0670-4342-a8bb-9b602b67ced8; path=/; expires=Sat, 10-Sep-2022 00:41:05 GMT; domain=sportradarserving.com; samesite=none; secure c=1631234465; path=/; expires=Sat, 10-Sep-2022 00:41:05 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1631234465; path=/; expires=Sat, 10-Sep-2022 00:41:05 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length
0
Connection
keep-alive
aip
itx4.smartadserver.com/h/ Frame A863 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itx4.smartadserver.com/h/aip?uii=453563092062721022&tmstp=3651565068&ckid=4680613590851676424&pubid=18&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16890%3b%24o%3d11100&acd=1631234464041&envtype=0&opid=71319850-d663-4554-b53d-84a3f446b4dc&opdt=1631234464040&siteid=259837&tgt=%24dt%3d1t&gdpr=0&visit=S&statid=3&imptype=0&pgDomain=https%3a%2f%2fask.fm%2fspadebook33&cappid=4680613590851676424&capp=1&mcrdbt=1&insid=10104881&imgid=0&pgid=1438277&fmtid=89189&isLazy=0&rtb=1&rtbnid=2079&rtbbid=453563092062709631&rtbh=0d280d76a75038fca6f8d83b169fc16e858a325d&rtblt=637668312640431845&rtbet=0&rtbptnid=31&cftgid=7c452d5c7363
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame A863
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=smartadserver&dsp_id=409&imp=1
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d96529e4-0670-4342-a8bb-9b602b67ced8&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=fdbbf0d3-14c9-4e18-beb2-1f263514daae&gdpr=&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=fdbbf0d3-14c9-4e18-beb2-1f263514daae&gdpr=&gdpr_consent=
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:04 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=fdbbf0d3-14c9-4e18-beb2-1f263514daae&gdpr=&gdpr_consent=
date
Fri, 10 Sep 2021 00:41:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:05 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame E483 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame BE33 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1631234465&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.112.228 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-112-228.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-length
0
content-type
text/html
usersyncs
tags.feedad.com/1/ Frame 163E 		42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=d96529e4-0670-4342-a8bb-9b602b67ced8
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
413fb328c49f131cfa433f09c13da58a
cache-control
private
server
Google Frontend
content-type
image/gif
date
Fri, 10 Sep 2021 00:41:05 GMT
content-length
42
expires
Fri, 10 Sep 2021 00:41:05 GMT
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 163E
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d96529e4-0670-4342-a8bb-9b602b67ced8
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=fdbbf0d3-14c9-4e18-beb2-1f263514daae
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=fdbbf0d3-14c9-4e18-beb2-1f263514daae&cookieRequired=true
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=25&dspUserId=fdbbf0d3-14c9-4e18-beb2-1f263514daae&cookieRequired=true
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.25.144 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
144.25.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

location
/dspreply?dspId=25&dspUserId=fdbbf0d3-14c9-4e18-beb2-1f263514daae&cookieRequired=true
date
Fri, 10 Sep 2021 00:41:05 GMT
via
1.1 google
alt-svc
clear
content-length
129
content-type
text/html; charset=utf-8
usersyncs
api.feedad.com/1.1/web/ Frame 163E 		42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=d96529e4-0670-4342-a8bb-9b602b67ced8
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
9c4b3cf219ea1db8fc231815adf14aa5
cache-control
private
server
Google Frontend
content-type
image/gif
date
Fri, 10 Sep 2021 00:41:05 GMT
content-length
42
expires
Fri, 10 Sep 2021 00:41:05 GMT
youronlinechoices_icon.png
eu.sportradarserving.com/ Frame 163E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.205.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-205-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Last-Modified
Wed, 08 Sep 2021 09:22:51 GMT
ETag
16310929711319
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
image/png
Content-Length
1319
prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e...
eu.sportradarserving.com/mimp/ Frame 163E 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/mimp/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.205.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-205-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
/
servedby.flashtalking.com/imp/1/152991;5602466;201;jsappend;Sportradar;DESportsFeedSportradarAudienceBuy728x90/ Frame 163E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/152991;5602466;201;jsappend;Sportradar;DESportsFeedSportradarAudienceBuy728x90/?ft_c1=&ftOBA=1&ft_domain=ask.fm&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fask.fm%2F&gdpr=0&gdpr_consent=${GDPR_CONSENT_78}&us_privacy=${US_PRIVACY}&cachebuster=333521.16256112873
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app32.frk11 /
Resource Hash
f14dd8a84efc98592912889b23bc66cb60ee4a89071aeb7263d0a4edfec61bec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:05 GMT
Server
prod-xre-app32.frk11
X-HW
1631234465.dop223.fr8.t,1631234465.cds109.fr8.shn,1631234465.dop223.fr8.t,1631234465.cds257.fr8.sc,1631234465.cds257.fr8.p
Content-Type
text/javascript
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1711
Expires
Fri, 01 Jan 1990 00:00:00 GMT
j-5602466-3529837.js
cdn.flashtalking.com/xre/560/5602466/3529837/js/ Frame 163E 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/560/5602466/3529837/js/j-5602466-3529837.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/152991;5602466;201;jsappend;Sportradar;DESportsFeedSportradarAudienceBuy728x90/?ft_c1=&ftOBA=1&ft_domain=ask.fm&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fask.fm%2F&gdpr=0&gdpr_consent=${GDPR_CONSENT_78}&us_privacy=${US_PRIVACY}&cachebuster=333521.16256112873
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
82ecd5f710510012e5abc98124339e8b65444c993cce3a3f5875dba1c781610e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Content-Encoding
gzip
x-amz-request-id
EWY6K6AAVP09X0NN
X-HW
1631234465.dop230.fr8.t,1631234465.cds234.fr8.shn,1631234465.dop230.fr8.t,1631234465.cds236.fr8.pr
Connection
Keep-Alive
Content-Length
23961
x-amz-id-2
4NdCHEFoHxUdqapEVWb2ZdMoWWsaSDczRI8HEoH72q/95/zt9qeBzqhoEWa5rEOMIZe6gLqhZw0=
Last-Modified
Thu, 02 Sep 2021 05:04:04 GMT
ETag
W/"6fb5990641cba5e4066a9982941fc8de"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
vpaid.min.js
moevideo.biz/embed/player/1707/vpaid/ Frame 8882 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx /
Resource Hash
3c50e9629fa1a0f26d8a6a017db615c5fc46af69bf4f2e28f6f5e6b05336289e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Last-Modified
Mon, 30 Aug 2021 11:41:37 GMT
Server
nginx
X-My-Name
s41
ETag
"612cc3f1-1c64"
Content-Type
application/javascript
Content-Length
7268
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.302
viralize_vpaid.min.9026482f.js
static.viralize.tv/ Frame 9DD3 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10d306265feb9fd46afe61797ff3eb234550e49d93624d80212d4761296ce1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-encoding
br
cf-cache-status
HIT
age
42101
x-guploader-uploadid
ADPycds_kHIqwdOjqEwZ4rIFoG7EeJVo3htiCnEgUUJUqhz2aYxFa0TOR1ob0hufW2fJdC9O2EWZNgLP9T7TLM-b
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 09 Sep 2021 12:54:55 GMT
server
cloudflare
etag
W/"9026482feeb11a8d20ff2d42d0817333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=rErZ1Q==, md5=kCZIL+6xGo0g/y1C0IFzMw==
x-goog-generation
1631192095681511
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
62513
cf-ray
68c49bd0b81838b0-VIE
expires
Sun, 10 Oct 2021 00:41:05 GMT
context.js
an.yandex.ru/system/ 		287 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
4046d0906f726ed383a2da2d75a660b940d2a70f65f99c8d0877ef2d0e2d48af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
1794643862
x-yandex-req-id
1631234465505624-296371763758485873900275-production-app-host-sas-pcode-196
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 10 Sep 2021 01:41:05 GMT
d9core
d9.flashtalking.com/ Frame 163E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5602466/3529837/js/j-5602466-3529837.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.65.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-65-165.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
713bfb822396c55c3a18ac888f3419ba46f0fae3adf7dc774495e7d8b1a2be61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:04 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
3603
iframe
c.bannerflow.net/scripts/ Frame C50E 		1 KB
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5602466/3529837/js/j-5602466-3529837.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
334b0a97ec6bd9277f5e2e9ccee5c95026a43510900d2b3b3ac8d448c8bdf903

Request headers

:method
GET
:authority
c.bannerflow.net
:scheme
https
:path
/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eu.sportradarserving.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-type
text/html
content-md5
O1ygtjalgtxvBklW+VAa0A==
last-modified
Tue, 12 May 2020 17:45:55 GMT
x-ms-request-id
7abb2f09-101e-0041-16dc-a5b5c2000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c49bd13cbffcad-VIE
content-encoding
br
score.min.js
js.ad-score.com/ Frame 163E 		430 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5602466/3529837/js/j-5602466-3529837.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:6800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
690ffda50762909fb778e25be1d99cd8e908476dfb993c3ecee01f25c4de2236

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 21:25:40 GMT
Content-Encoding
gzip
Age
11725
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 09 Sep 2021 21:25:40 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 6b4e2529be13169ec5ee4214df435dab.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
CDG50-P2
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
jQnWJqog55I3cAXYKarL-ZN08GMPcwqzDQDdzrdEZBSv5TCigQjI6Q==
Expires
Fri, 10 Sep 2021 21:25:40 GMT
moatad.js
z.moatads.com/betwayglobalftdisplay906661272790/ Frame 163E 		297 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/betwayglobalftdisplay906661272790/moatad.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5602466/3529837/js/j-5602466-3529837.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.150.58 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-150-58.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b813529904299f779a45fa707fdc40c9e883fc265bc18e93f7924281398a4d11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 14:32:14 GMT
server
AmazonS3
x-amz-request-id
AFGF720JK61W0K5W
etag
"70a7cb2647fea7905e9e4ca0a7358d18"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28174
accept-ranges
bytes
content-length
102973
x-amz-id-2
SNmzAgOlu5DhxC89LwKAR24BKkzsPQOtqBX/VweUFtof0ofdURacp40QZHKvK9bQfRact1RdLFQ=
iconc.png
secure.flashtalking.com/oba/icon/ Frame 163E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.112.51 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-112-51.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:32 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish
48488781
Cache-Control
max-age=2134725
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1308
Expires
Mon, 04 Oct 2021 17:39:50 GMT
/
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ 		2 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=23546366123
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
ac
www8.smartadserver.com/ 		16 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?pgid=692816&insid=5733718&tmstp=9459299238&out=js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:04 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
/
c1.adform.net/serving/cookie/match/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=dce92ee15bffc23d8e31137e73f8f28&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1e52_7006098679283637919
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZGNlOTJlZTE1YmZmYzIzZDhlMzExMzdlNzNmOGYyOA==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDnGf47Q2X-YrRDKC3yWJZE&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=be919faa-1a75-4dee-97fe-3f0e168429c9
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8753280251054543738
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/dce92ee15bffc23d8e31137e73f8f28&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-n74x9YJE2oNAagO6byHyribXCrd.MEpyvbhOOoIL~A
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=c3a1613a-a9a0-4400-901c-beee312d150c&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AABtN07CdVMAABREzLmq8A&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=kVIHXRy11MouBk5&gdpr=0
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YTqpoAAAVIlJPAAT&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
0
0
/
loadus.exelator.com/load/
Redirect Chain
  • https://loadus.exelator.com/load/?p=204&g=119&buid=
  • https://loadus.exelator.com/load/?p=204&g=119&buid=&xl8blockcheck=1
56 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://loadus.exelator.com/load/?p=204&g=119&buid=&xl8blockcheck=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
cb0bdfc5baf5bf92d8f4dff9bdeeec29aeb38034efad11e1bda6caab7f778e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
content-type
application/x-javascript;charset=UTF-8
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 10 Sep 2021 00:41:05 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=204&g=119&buid=&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
pandg-sdk.js
pghub.io/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 23:44:36 GMT
content-encoding
gzip
age
3389
x-guploader-uploadid
ADPycds8rdZneI-JJhQFzXgOI5DMjQw39_TuKaFPfQmU0R0I-BU8adcVqa8KKLEN3NYboTWmAH3Un9ThJleUHHAHZoU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1482
last-modified
Wed, 07 Apr 2021 18:40:01 GMT
server
UploadServer
etag
"dd7e4933d35d1a7cb610442e9bea8b94"
vary
Accept-Encoding
x-goog-hash
crc32c=dtXWGA==, md5=3X5JM9NdGny2EEQum+qLlA==
x-goog-generation
1617820801121016
cache-control
public,max-age=3600
x-goog-stored-content-length
1482
accept-ranges
bytes
content-type
application/javascript
/
ads.viralize.tv/player/ Frame 9DD3 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1234464826&sid=01ec11cfc7be8e90ba4b575b63621e31&experiment=ops.v&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bcd269e918cf6853531fb407c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1217%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ask.fm&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
87d08823c19a3215335a08273e2cb1fdee011bbbf0a035d3311d07ce4b1ea008

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 5D21 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
1493
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame 5D21 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 09:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34056
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 09:35:52 GMT
polyfill.min.js
polyfill.io/v3/ Frame 5D21 		101 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1616476
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Sun, 22 Aug 2021 00:24:10 GMT
date
Fri, 10 Sep 2021 00:41:05 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5D21 		346 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe08c3a5fd2d4a0c5a4f33864bbb3bddc095f87d1aba54a588163f3370b33ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121963
x-xss-protection
0
expires
Fri, 10 Sep 2021 00:41:05 GMT
viralize_player.min.b9da9260.js
static.viralize.tv/ Frame 5D21 		732 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.b9da9260.js?e=ops
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d4c25c29aa07240210f0578e668297b07d637e6bfc3639e936efbbb371f23c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-encoding
br
cf-cache-status
HIT
age
309750
x-guploader-uploadid
ADPycdt_ASeU9Stb2C6TXbuOTHTTgLT53qMzAiHgUHfIbzRY9FiFDzqWtb1nyBAiRB69iCjEGdop1fwTZPFFmlu-kk4
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 06 Sep 2021 10:34:14 GMT
server
cloudflare
etag
W/"b9da9260e532ebe8904933e626177f7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=pH/jzg==, md5=udqSYOUy6+iQSTPmJhd/eg==
x-goog-generation
1630924454229137
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
750059
cf-ray
68c49bd2e94d38b0-VIE
expires
Sun, 10 Oct 2021 00:41:05 GMT
tag
pandg.tapad.com/ Frame 91AD 		174 B
667 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fask.fm%2Fspadebook33&owner=P%26G&bp_id=showheroes&data=%7B%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
be86139dc8dd1befd1ef3cfd42a52739c63ec7106c67545cc512438363a8aeec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pandg.tapad.com
:scheme
https
:path
/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fask.fm%2Fspadebook33&owner=P%26G&bp_id=showheroes&data=%7B%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
strict-transport-security
max-age=31536000
content-security-policy-report-only
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1631234465515;Expires=Tue, 09 Nov 2021 00:41:05 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=38521a83-bb43-4d48-86fd-e836d6e7a4cd;Expires=Tue, 09 Nov 2021 00:41:05 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-length
174
via
1.1 google
alt-svc
clear
cors
data.ad-score.com/data/ Frame 163E 		60 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=2448487b1d18d01420f59fef&pm_pl=1631234465576&pm_td=5&pid=1000791&en=1.1&callback=__pm_glbl_1APuPk7JtD4qMlOwJOnEbDbV._gc1&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
84d3aaf3356d655241bb1a9a8d4219ea5fba1e0af707e3d64b34fb48531a9786

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://eu.sportradarserving.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
60
truncated
/ Frame D707 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 163E 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dcaecb12-4b4c-4bf1-9bad-78ee053d6ac0
https://eu.sportradarserving.com/ Frame 163E 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://eu.sportradarserving.com/dcaecb12-4b4c-4bf1-9bad-78ee053d6ac0
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ Frame 163E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=2448487b1d18d01420f59fef&pm_pl=1631234465576&pm_td=196&pid=1000791&en=1.1&callback=__pm_glbl_1APuPk7JtD4qMlOwJOnEbDbV._gc2&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 00:41:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ Frame 163E 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 163E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.112.51 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-112-51.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish
902212630 901748470
Cache-Control
max-age=824
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5953
Expires
Fri, 10 Sep 2021 00:54:49 GMT
pixel.gif
px.moatads.com/ Frame 163E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=BETWAY_GLOBAL_FT_DISPLAY1&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631234465813&de=65749779014&m=0&ar=503c7d4-clean&iw=85d6c64&q=2&cb=0&ym=0&cu=1631234465813&ll=2&lm=3&ln=1&em=0&en=0&d=152991%3A17602%3A5602466%3A3529837&zMoatMMStrategy=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&bo=ask.fm&bd=ask.fm&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=betwayglobalftdisplay906661272790&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A331%3A331%3A0%3A121&fs=194337&na=770875277&cs=0
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.150.58 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-150-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 00:41:05 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=511849672&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&rn=438327892&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631234466%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010004105%3Au%3A1631234463427757091%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631234466
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
last-modified
Fri, 10-Sep-2021 00:41:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:06 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=511849672&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&rn=380620256&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1631234466%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010004105%3Au%3A1631234463427757091%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631234466
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
last-modified
Fri, 10-Sep-2021 00:41:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:06 GMT
ad
v.lkqd.net/ Frame CE53 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=71276815&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
67b67c308cca71eeecb17ae844691a10ed6ebf67f0513c9b236966e60321cc43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1357
cors
data.ad-score.com/data/ Frame 163E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=2448487b1d18d01420f59fef&pm_pl=1631234465576&pm_td=355&pid=1000791&en=1.1&callback=__pm_glbl_1APuPk7JtD4qMlOwJOnEbDbV._gc3&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 00:41:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
lgc
d9.flashtalking.com/ Frame 163E 		118 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.65.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-65-165.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
4d1fe7d30a7c259a06e15aa44ddbe612a87c267f745c0e2ddcee32de07a85693

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://eu.sportradarserving.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Content-Length
90
polyfill.min.js
polyfill.io/v3/ Frame 5D21 		101 B
131 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1616476
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Sun, 22 Aug 2021 00:24:10 GMT
date
Fri, 10 Sep 2021 00:41:05 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
4dd8cea16765ff9a3c9c.js
yastatic.net/partner-code-bundles/43442/ 		80 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43442/4dd8cea16765ff9a3c9c.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
67c1459c2f23ce9133cb834183097830b53cd77882c1c99f3aa534474d3e4418
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17372
last-modified
Thu, 09 Sep 2021 15:27:20 GMT
server
nginx/1.17.9
etag
"7f963f423e020bbfdb6983784cc6e561"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 07:14:43 GMT
host.js
yastatic.net/safeframe-bundles/0.82/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.82/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8879
last-modified
Mon, 28 Jun 2021 10:29:24 GMT
server
nginx/1.17.9
etag
"e4627697ff619d2b610d2b2fee975531"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 07:17:04 GMT
04f8883d2ef1fb21fc50.js
yastatic.net/partner-code-bundles/43442/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43442/04f8883d2ef1fb21fc50.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e0184a4839655dec0e4a0181d6bdfb7fd2aced502374b119df9e8ca2c76b6963
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4460
last-modified
Thu, 09 Sep 2021 15:27:20 GMT
server
nginx/1.17.9
etag
"7a07a793f6cf73c597b1c1bc21bd46a0"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 07:14:45 GMT
0e97121b852e2b197333.js
yastatic.net/partner-code-bundles/43442/ 		1 MB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43442/0e97121b852e2b197333.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9d2130e177e7ae2959936d6bef93f21447088f7fd2ba50fa6f5a4b9a3a419230
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
206252
last-modified
Thu, 09 Sep 2021 15:27:20 GMT
server
nginx/1.17.9
etag
"fe2a2f95081e98e99cca25f037850b0f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 07:14:43 GMT
6ce7133f8c4cfb4a2d40.js
yastatic.net/partner-code-bundles/43442/ 		337 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/43442/6ce7133f8c4cfb4a2d40.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c23cf317cdb03cea9157a5682b6490615ef2a402270f287c3a333413d956696f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
62684
last-modified
Thu, 09 Sep 2021 15:27:20 GMT
server
nginx/1.17.9
etag
"0ac87beeb696f7ab4906a1271a07c3dd"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Sep 2051 07:14:50 GMT
Cookie set vpaid
moevideo.biz/embed/ Frame 87C7 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
0136ca6ff50b5be05c9f666ba8e0718021cc7d12b24a5c327f7dc0d9e117010d

Request headers

Host
moevideo.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.38
Set-Cookie
mvuid=186662e8883042b41dc9;expires=Sat, 10-Sep-2022 03:41:06 GMT;Max-Age=31536000;path=/;SameSite=None mvsid=09cb98f4-8b75-4da8-9ce4-569945c2eec1;path=/;SameSite=None
X-My-Adv-Time
0.00189900398254
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Fri, 10 Sep 2021 00:41:06 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.011
X-Mv-Embed-Version
1373
X-My-Name
s46
X-My-Reqtime
0.122
Content-Encoding
gzip
receive
pixel.tapad.com/idsync/ex/ Frame 91AD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=38521a83-bb43-4d48-86fd-e836d6e7a4cd&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=be919faa-1a75-4dee-97fe-3f0e168429c9&ttd_puid=38521a83-bb43-4d48-86fd-e836d6e7a4cd
95 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=be919faa-1a75-4dee-97fe-3f0e168429c9&ttd_puid=38521a83-bb43-4d48-86fd-e836d6e7a4cd
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fask.fm%2Fspadebook33&owner=P%26G&bp_id=showheroes&data=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=be919faa-1a75-4dee-97fe-3f0e168429c9&ttd_puid=38521a83-bb43-4d48-86fd-e836d6e7a4cd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
347
advast
ice.360yield.com/ Frame 5D21 		27 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22297302&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fask.fm&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.92.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-92-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:06 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame 5D21 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfc7be8e90ba4b575b63621e31&item=YWRuXzUyMDIP-NsyYWGvDw%3D%3D.1.wp1sc1
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
610a76f4256010b5f790cc57
c.bannerflow.net/a/ Frame C50E 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/610a76f4256010b5f790cc57?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4666fb7662bbaeb57ed79a337d496e0d12ddd9e882623ab2c3b2c2680c60c5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
68c49bd49ed6fcad-VIE
link
<https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966808/1214684/preload.jpg>; rel=preload; as=image
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
pixel.gif
px.moatads.com/ Frame 163E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fc.bannerflow.net%2Fscripts%2Fiframe%3Fdid%3D5dc013805badb900016a47c1%26deeplink%3Don%26a%3D610a76f4256010b5f790cc57%26redirecturl%3Dhttp%253A%252F%252Fservedby.flashtalking.com%252Fclick%252F1%252F152991%253B5602466%253B3529837%253B211%253B0%253Furl%253Dhttps%253A%252F%252Fbetway.de%252Fbwp%252Fsports-welcome-mr-instinkt-soccer-de%252Fde-de%252F%253Fs%253Dbw213892%2526a%253DDDR3259481681987463%2526utm_medium%253Ddisplay%2526utm_source%253DSportradar%2526utm_campaign%253DFeed%2526utm_content%253DAlwaysOn&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-SRU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631234465813&de=65749779014&cu=1631234465813&m=52&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A331%3A331%3A0%3A121&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=35&cd=0&ah=35&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602466%3A3529837&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=1079225462&cs=0
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.150.58 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-150-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 00:41:06 GMT
1
mc.yandex.com/watch/48953915/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48953915/1?page-url=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A1%3Als%3A420019176269%3Ahid%3A511849672%3Az%3A0%3Ai%3A202109010004106%3Aet%3A1631234466%3Ac%3A1%3Arn%3A95559479%3Arqn%3A2%3Au%3A1631234463427757091%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1631234461948%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1526%2C1526%2C6%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1526%2C1526%2C6%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631234466
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
last-modified
Fri, 10-Sep-2021 00:41:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:06 GMT
652294
an.yandex.ru/meta/ 		219 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/652294?grab=dEFjY291bnQgU3VzcGVuZGVkIC0gQXNrLmZtCjFUaA%3D%3D&target-ref=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&pcode-test-ids=412925%2C0%2C21%3B411838%2C0%2C42%3B403366%2C0%2C25%3B416579%2C0%2C67%3B400735%2C0%2C83%3B415944%2C0%2C55%3B204304%2C0%2C53&pcode-flags-map=%7B%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%2C%7B%22value%22%3A%5B%5D%2C%22testId%22%3A%22416579%22%7D%5D%2C%22ADAPTIVE_NO_RESIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22412925%22%7D%5D%2C%22ADSDK_FIXED_VER%22%3A%5B%7B%22value%22%3A408118%2C%22testId%22%3A%22411838%22%7D%5D%2C%22COMBO_NEW_DESIGN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22411838%22%7D%5D%2C%22CONSTRUCTOR_TOWER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22403366%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416579%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416579%22%7D%5D%2C%22USE_POSTER_CAROUSEL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416579%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22400735%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2243393%22%2C%22testId%22%3A%22415944%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=847772291631234465&duid=MTYzMTIzNDQ2MzQyNzc1NzA5MQ%3D%3D&imp-id=2&enable-flat-highlight=1&test-tag=238594023227394&ad-session-id=97361631234466015&target-id=44752535&tga-with-creatives=1&pcode-version=43442&pcodever=43442&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A0%2C%22left%22%3A584%2C%22top%22%3A1217%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&uniformat=true&callback=Ya%5B2186121070061%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
07a55793d265536e1d343432f595703d05f954abb11ee0cd2e15764e0d54a69f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 00:41:06 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1631234466060383-433613314793117488400281-production-app-host-man-pcode-127
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 10 Sep 2021 00:41:06 GMT
img.png
d9.flashtalking.com/img/ Frame 163E 		70 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9.flashtalking.com/img/img.png?cnx=c66f6ad71f528c4615dd945fd4b95707
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.65.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-65-165.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:05 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips
Connection
keep-alive
Content-Length
70
Access-Control-Allow-Methods
GET,POST,SERVER
Content-Type
image/png
/
servedby.flashtalking.com/state/5602466;3529837;0;401;35301D57-2DE7-7E5B-B984-74366DBC638D/ Frame 163E 		42 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/5602466;3529837;0;401;35301D57-2DE7-7E5B-B984-74366DBC638D/?ft_data=d9:33c93db3172f4aa28946ae2358f73b00;d9s:33c93db3172f4aa28946ae2358f73b00&cachebuster=537359419
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app43.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
prod-xre-app43.frk11
X-HW
1631234465.dop223.fr8.t,1631234465.cds109.fr8.shn,1631234465.dop223.fr8.t,1631234466.cds257.fr8.sc,1631234466.cds257.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame AE7A 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631234466.cds017.fr8.hn,1631234466.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
cors
data.ad-score.com/data/ Frame 163E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=2448487b1d18d01420f59fef&pm_pl=1631234465576&pm_td=476&pid=1000791&en=1.1&callback=__pm_glbl_1APuPk7JtD4qMlOwJOnEbDbV._gc4&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 00:41:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
preload.jpg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966808/1214684/ Frame C50E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966808/1214684/preload.jpg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c17d261165ff9b6274adad01af4e5d49cfc9912747b84ac06beee55639cb3da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 00:41:06 GMT
cf-cache-status
HIT
age
1299
content-length
2848
x-ms-lease-status
unlocked
last-modified
Tue, 10 Aug 2021 11:20:07 GMT
server
cloudflare
etag
0x8D95BF0CEE089CE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
3ae7326e-601e-005b-2ed9-a5d41d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
68c49bd4ff16fcad-VIE
cf-bgj
h2pri
pixel.gif
px.moatads.com/ Frame 163E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-SRU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631234465813&de=65749779014&cu=1631234465813&m=237&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A331%3A331%3A0%3A121&aa=0&ad=97&cn=0&gk=97&gl=0&ik=97&ic=97&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=35&cd=35&ah=35&am=35&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602466%3A3529837&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=1394887128&cs=0
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.150.58 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-150-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 00:41:06 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 217C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631234466.cds017.fr8.hn,1631234466.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame AE7A 		77 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=71276815&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
60a205f7064af0688992f1986552f4c508d498edac40b689019786ff8c397027

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4747
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=71276815&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:06 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
pixel
c.bannerflow.net/tr/v2/ Frame C50E 		0
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc57?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49bd53f32fcad-VIE
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
cs
cs.lkqd.net/ Frame 217C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 217C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 217C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 217C 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 217C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
pragma
no-cache
date
Fri, 10 Sep 2021 00:41:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
s.richaudience.com/vid/MP_Ua8BIWjxkR/1631234465/ Frame 5D21 		160 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/vid/MP_Ua8BIWjxkR/1631234465/?hasConsent=1&consentString=&mref=https%3A%2F%2Fask.fm&fp=130
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-max-age
86400
access-control-allow-credentials
true
/
ads.viralize.tv/t-bid-opportunity/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfc7be8e90ba4b575b63621e31&item=YWRuXzU0MDa7VgRR7a8xUg%3D%3D.2.wp2sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
styles.css
moevideo.biz/embed/player/1707/skins/gray/ Frame 87C7 		54 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Aug 2021 11:40:34 GMT
Server
nginx
X-My-Name
s11
ETag
W/"612cc3b2-d99f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
0.096
mvplayer.min.js
moevideo.biz/embed/player/1707/ Frame 87C7 		580 KB
580 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx /
Resource Hash
bd204debaaee1468075efbf39237f0e7e60da7ae5c1130a0eace92b59f578585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Last-Modified
Mon, 30 Aug 2021 11:41:48 GMT
Server
nginx
X-My-Name
s40
ETag
"612cc3fc-90ecf"
Content-Type
application/javascript
Content-Length
593615
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.081
set
playreplay.me/api/cookie/ Frame 87C7 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22186662e8883042b41dc9%22},{%22key%22:%22mvsid%22,%22value%22:%2209cb98f4-8b75-4da8-9ce4-569945c2eec1%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.12 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f41.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.087
set
thesame.tv/api/cookie/ Frame 87C7 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22186662e8883042b41dc9%22},{%22key%22:%22mvsid%22,%22value%22:%2209cb98f4-8b75-4da8-9ce4-569945c2eec1%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.67 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f52.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.093
set
moevideo.biz/api/cookie/ Frame 87C7 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22186662e8883042b41dc9%22},{%22key%22:%22mvsid%22,%22value%22:%2209cb98f4-8b75-4da8-9ce4-569945c2eec1%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.086
set
cs-0.moevideo.biz/api/cookie/ Frame 87C7 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22186662e8883042b41dc9%22},{%22key%22:%22mvsid%22,%22value%22:%2209cb98f4-8b75-4da8-9ce4-569945c2eec1%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.145 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f49.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.094
set
playreplay.net/api/cookie/ Frame 87C7 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22186662e8883042b41dc9%22},{%22key%22:%22mvsid%22,%22value%22:%2209cb98f4-8b75-4da8-9ce4-569945c2eec1%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.58 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f43.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.087
/
ads.viralize.tv/track/ Frame 5D21 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfc7be8e90ba4b575b63621e31%3A0%3AYWRuXzUyMDIP-NsyYWGvDw%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyMDIP-NsyYWGvDw%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
307362
search.spotxchange.com/vast/2.0/ Frame 5D21 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/307362?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm&cb=1631234465&player_width=432&player_height=243&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000374
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
X-SpotX-Timing-Page
0.010260
Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005728
X-SpotX-Timing-Transform
0.000252
X-SpotX-Timing-SpotMarket
0.005728
X-fe
062
X-SpotX-Timing-Page-Misc
0.003276
Content-Length
77
X-SpotX-Timing-Page-Context
0.000340
Last-Modified
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'ask.fm' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000241
/
ads.viralize.tv/t-bid-opportunity/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfc7be8e90ba4b575b63621e31&item=YWRuXzU5NDBR2c45QymL8Q%3D%3D.3.wp3sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
652294
mc.yandex.com/watch/ 		295 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A1%3Als%3A793831825007%3Ahid%3A511849672%3Az%3A0%3Ai%3A202109010004106%3Aet%3A1631234466%3Ac%3A1%3Arn%3A486455763%3Au%3A1631234463427757091%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1631234461948%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631234466%3At%3AAccount%20Suspended%20-%20Ask.fm
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5ebf83e1fdc9f7c5d8f1e638a031ea6de31a9cc0dd0b19fc172d34e6b2ddf911
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 10-Sep-2021 00:41:06 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
295
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:06 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 5D21 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11644593&domain=ask.fm&loc=ask.fm&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.113.157 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-113-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a6adcec4cc2425b32d1f497c9d01b2ea1f8c81656bdde0edc65ca94f00b4bbe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1304
x-sticky-va
1
x-sticky-vk
1631234466230007-581
Expires
Fri, 10 Sep 2021 00:41:06 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfc7be8e90ba4b575b63621e31&item=YWRuXzUwODCARic6oZNXgQ%3D%3D.4.wp4sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
action
www8.smartadserver.com/track/ Frame 36A9 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1631234464983&pid=1438277&iid=10104881&cid=0&key=viewcount&rtb=1&rtbbid=453563092062709631&rtbet=0&rtblt=637668312640431845&rtbnid=2079&rtbh=0d280d76a75038fca6f8d83b169fc16e858a325d&ts=1631234464983
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:05 GMT
transfer-encoding
chunked
content-type
image/gif
t
t.lkqd.net/ Frame 0766 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:06 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
/
ads.viralize.tv/track/ Frame 5D21 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfc7be8e90ba4b575b63621e31%3A0%3AYWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfc7be8e90ba4b575b63621e31%3A0%3AYWRuXzU5NDBR2c45QymL8Q%3D%3D~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5NDBR2c45QymL8Q%3D%3D~wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
652294
an.yandex.ru/meta/ 		219 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/652294?grab=dEFjY291bnQgU3VzcGVuZGVkIC0gQXNrLmZtCjFUaGk%3D&target-ref=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&pcode-test-ids=412925%2C0%2C21%3B411838%2C0%2C42%3B403366%2C0%2C25%3B416579%2C0%2C67%3B400735%2C0%2C83%3B415944%2C0%2C55%3B204304%2C0%2C53&pcode-flags-map=%7B%22FEATURE_TOGGLE_FLAG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22386182%22%7D%5D%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%7B%22value%22%3A%5B%22secretmag.ru%22%2C%22passion.ru%22%2C%22rambler.ru%22%2C%22moslenta.ru%22%2C%22lenta.ru%22%2C%22letidor.ru%22%2C%22gazeta.ru%22%2C%22eda.ru%22%2C%22championat.com%22%2C%22motor.ru%22%2C%22afisha.ru%22%2C%22wmj.ru%22%2C%22quto.ru%22%2C%22livejournal.com%22%2C%22ferra.ru%22%5D%2C%22testId%22%3A%22391067%22%7D%2C%7B%22value%22%3A%5B%5D%2C%22testId%22%3A%22416579%22%7D%5D%2C%22ADAPTIVE_NO_RESIZE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22412925%22%7D%5D%2C%22ADSDK_FIXED_VER%22%3A%5B%7B%22value%22%3A408118%2C%22testId%22%3A%22411838%22%7D%5D%2C%22COMBO_NEW_DESIGN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22411838%22%7D%5D%2C%22CONSTRUCTOR_TOWER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22403366%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22416579%22%7D%5D%2C%22ZEN_FORMAT_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22USE_PUNY_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22416579%22%7D%5D%2C%22USE_POSTER_CAROUSEL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22416579%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22FIX_IMAGES_CALCULATIONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22416579%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22400735%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2243393%22%2C%22testId%22%3A%22415944%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=847772291631234465&duid=MTYzMTIzNDQ2MzQyNzc1NzA5MQ%3D%3D&imp-id=1&enable-flat-highlight=1&test-tag=238594023227394&ad-session-id=97361631234466015&target-id=2925160&tga-with-creatives=1&pcode-version=43442&pcodever=43442&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A0%2C%22left%22%3A584%2C%22top%22%3A1217%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&uniformat=true&callback=Ya%5B9036790915764%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e5b49ac13041c814364d57e83fc648293e8eaafede095d81259b15b2f0596a9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 00:41:06 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1631234466342335-704696943009516690100281-production-app-host-man-pcode-112
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 10 Sep 2021 00:41:06 GMT
1
mc.yandex.com/watch/652294/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294/1?page-url=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A1%3Als%3A793831825007%3Ahid%3A511849672%3Az%3A0%3Ai%3A202109010004106%3Aet%3A1631234466%3Ac%3A1%3Arn%3A1028966667%3Arqn%3A1%3Au%3A1631234463427757091%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1631234461948%3Ads%3A20%2C296%2C151%2C1%2C0%2C0%2C%2C179%2C4%2C1526%2C1526%2C6%2C731%3Adsn%3A20%2C295%2C152%2C1%2C0%2C0%2C%2C262%2C4%2C1526%2C1526%2C6%2C731%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631234466
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
last-modified
Fri, 10-Sep-2021 00:41:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:06 GMT
652294
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/652294?page-url=https%3A%2F%2Fask.fm%2Fspadebook33&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A1%3Als%3A793831825007%3Ahid%3A511849672%3Az%3A0%3Ai%3A202109010004106%3Aet%3A1631234466%3Ac%3A1%3Arn%3A226781537%3Arqn%3A2%3Au%3A1631234463427757091%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1631234461948%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631234466%3At%3AAccount%20Suspended%20-%20Ask.fm
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
last-modified
Fri, 10-Sep-2021 00:41:06 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:06 GMT
cors
data.ad-score.com/data/ Frame 163E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=2448487b1d18d01420f59fef&pm_pl=1631234465576&pm_td=759&pid=1000791&en=1.1&callback=__pm_glbl_1APuPk7JtD4qMlOwJOnEbDbV._gc5&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 00:41:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
/
ads.viralize.tv/t-bid-done/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzUwODCARic6oZNXgQ%3D%3D&sc=wp4sc1&l=vpaid&as=stickyADStv&ct=application%2Fjavascript&sid=01ec11cfc7be8e90ba4b575b63621e31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 9188 		330 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.b9da9260.js?e=ops
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jul 2021 02:54:23 GMT
ETag
"1625108063"
X-HW
1631234466.dop229.fr8.t,1631234466.cds238.fr8.shn,1631234466.cds238.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113854
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
av
vidoomy-d.openx.net/v/1.0/ 		48 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1379480053&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5660882933671977485354233499,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1713034548&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Fspadebook33&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1713965191&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=305889997&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=489401568&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5660882933671977485494752814,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.113.157 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-113-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1631234465483082-527
Expires
Fri, 10 Sep 2021 00:41:06 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1236335480&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=732906997&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e60ffd9dfa4f2a74b5e9fba9a72d5e77f3df3f4fa834b70f36fb818e224967f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
907
expires
0
/
ads.viralize.tv/track/ Frame 5D21 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec11cfc7be8e90ba4b575b63621e31%3A0%3AYWRuXzUwODCARic6oZNXgQ%3D%3D~wp4sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 9188 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1631234466423
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Last-Modified
Thu, 01 Jul 2021 02:54:23 GMT
ETag
"1625108063"
X-HW
1631234466.dop005.ml1.t,1631234466.cds026.ml1.shn,1631234466.cds026.ml1.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
/
c1.adform.net/serving/cookie/match/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1631234465367097-552
Expires
Fri, 10 Sep 2021 00:41:06 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 9188 		301 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=11644593&loc=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.113.157 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-113-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1631234465594080-562
Expires
Fri, 10 Sep 2021 00:41:06 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 9188 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11644593&loc=https%3A%2F%2Fask.fm%2Fspadebook33&domain=ask.fm&reqType=AdsSetup&_fw_gdpr=1&protocolVersion=2.0&_fw_gdpr_consent=&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&auction=1&vav=c6819c365dd8eaf65dd4e371c86830fa&vaviv=88f840d7b7e213a96c24b92230113d4e&mustangVersion=1.11.9.4&focus=true&percentViewable=100&componentId=vpaid-adapter&playerSize=432x243&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.113.157 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-113-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1631234465997039-548
Expires
Fri, 10 Sep 2021 00:41:06 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGNlOTJlZTE1YmZmYzIzZDhlMzExMzdlNzNmOGYyOA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGNlOTJlZTE1YmZmYzIzZDhlMzExMzdlNzNmOGYyOA==&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.178.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
par21s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGNlOTJlZTE1YmZmYzIzZDhlMzExMzdlNzNmOGYyOA==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1631234466161035-592
Expires
Fri, 10 Sep 2021 00:41:06 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=dce92ee15bffc23d8e31137e73f8f28&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=dce92ee15bffc23d8e31137e73f8f28&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4BMQEYSNPGRB1FWP44VX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=dce92ee15bffc23d8e31137e73f8f28&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1631234465896078-589
Expires
Fri, 10 Sep 2021 00:41:06 GMT
prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e...
eu.sportradarserving.com/vimp/ Frame 163E 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/vimp/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.205.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-205-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
ac
www8.smartadserver.com/ Frame 5D21 		129 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=115779&pgid=1343580&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1631234465&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
/
ads.viralize.tv/t-bid-opportunity/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfc7be8e90ba4b575b63621e31&item=YWRuXzU5ODS-YIjxxk9_4Q%3D%3D.5.wp5sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
storage.html
moe.video/ Frame F09E 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.12 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f41.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:42:50 GMT
ETag
W/"612cc43a-4783"
X-My-Name
s13
X-My-Reqtime
0.100
X-B-Name
f41
Content-Encoding
gzip
truncated
/ Frame 87C7 		313 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
shim.gif
creatives.sascdn.com/ Frame 5D21 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:d9::58dd:305b London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:07 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
Apache
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 10 Sep 2022 00:41:07 GMT
/
ads.viralize.tv/d-vast/ Frame 5D21 		71 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/d-vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1234464826&sid=01ec11cfc7be8e90ba4b575b63621e31&experiment=ops.v&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bcd269e918cf6853531fb407c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1217%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&dd=ask.fm&sc=1&gdpr=1&cmp=unavailable&wfp=6&rcx=460.a05dc8e3.1.12
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
ptv
secure.adnxs.com/ Frame 5D21 		27 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=19417490&vplaybackmethod=2&referrer=ask.fm&gdpr=1&gdpr_consent=&cb=1631234465
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:06 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fb893541-1318-4047-a124-9a75f32cd4c6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfc7be8e90ba4b575b63621e31&item=YWRuXzQ5OTY7qXte0KBA8w%3D%3D.7.wp7sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:06 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:06 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 0766 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 0766 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
av
viralize-d.openx.net/v/1.0/ Frame 5D21 		48 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viralize-d.openx.net/v/1.0/av?auid=543860668&url=ask.fm&cb=1631234465&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfc7be8e90ba4b575b63621e31&item=YWRuXzU5Mzcbjd2pOTNLEQ%3D%3D.8.wp8sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame 5D21 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfc7be8e90ba4b575b63621e31%3A0%3AYWRuXzU5ODS-YIjxxk9_4Q%3D%3D~wp5sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5ODS-YIjxxk9_4Q%3D%3D~wp5sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfc7be8e90ba4b575b63621e31%3A0%3AYWRuXzQ5OTY7qXte0KBA8w%3D%3D~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ5OTY7qXte0KBA8w%3D%3D~wp7sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
cors
data.ad-score.com/data/ Frame 163E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=2448487b1d18d01420f59fef&pm_pl=1631234465576&pm_td=1283&pid=1000791&en=1.1&callback=__pm_glbl_1APuPk7JtD4qMlOwJOnEbDbV._gc6&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 00:41:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
/
adx.adform.net/adx/ Frame 5D21 		65 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=952584&t=2&url=https%3A%2F%2Fask.fm&gdpr=1&gdpr_consent=&w=432&h=243&t=1&random=1631234465
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfc7be8e90ba4b575b63621e31&item=YWRuXzU5MDWV50jyfwo5FQ%3D%3D.9.wp9sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
optad360.js
serving.stat-rock.com/player/ 		307 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 07:45:44 GMT
server
nginx
etag
W/"6135c728-4caf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1c24b5cb3859886782353296b2915ec18d08b329f9dbcc1737d31d2cf34a6ee6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:07 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
146287d6-b60a-4fef-82b2-8e5d5a6964d2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPWRkYWEzYzIzLWNjOTAtNGY1Ni04YTQzLWNmMGRmYjgyMzc0YyZyY3VyPVBMTg%3D%3D&pt=gross&stid=db028d3d-eb0b-439d-9fa3-c5e04f8afc6a&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6910704cc567c1c523714285579136cc385037049ef3e7fb82744b12c12ad539
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9946573522de9537cf41e48add3b595bbd8c74137ee32cf37b017ad2b2353a5b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:07 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
41d11cf5-8e72-40fb-ab17-d19153a048f3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/track/ Frame 5D21 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfc7be8e90ba4b575b63621e31%3A0%3AYWRuXzU5Mzcbjd2pOTNLEQ%3D%3D~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5Mzcbjd2pOTNLEQ%3D%3D~wp8sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
pixel.gif
px.moatads.com/ Frame 163E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-SRU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631234465813&de=65749779014&cu=1631234465813&m=1147&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A331%3A331%3A1025%3A121&aa=1&ad=1008&cn=97&gn=1&gk=1008&gl=97&ik=1008&ic=1008&ez=1&co=1008&cp=907&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=907&cd=35&ah=907&am=35&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602466%3A3529837&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=676464123&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.150.58 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-150-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 00:41:06 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 5D21 		965 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234465
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2dbdc9ce43f451197930c2ad2904040c236e395cb00eabeace3396e8d1a5cee9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b82218517c94"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
597
expires
Fri, 10 Sep 2021 00:41:06 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfc7be8e90ba4b575b63621e31&item=YWRuXzYwMzne7x9rsv40Jg%3D%3D.10.wp10sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:06 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-done/ Frame 5D21 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzYwMzne7x9rsv40Jg%3D%3D&sc=wp10sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ec11cfc7be8e90ba4b575b63621e31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame CFE0 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234465
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.b9da9260.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
pixel.gif
px.moatads.com/ Frame 163E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-SRU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631234465813&de=65749779014&cu=1631234465813&m=1149&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A331%3A331%3A1025%3A121&aa=1&ad=1008&cn=1008&gn=1&gk=1008&gl=1008&ik=1008&ic=1008&ez=1&co=1008&cp=907&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=907&cd=907&ah=907&am=907&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602466%3A3529837&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=374703046&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.150.58 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-150-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 00:41:07 GMT
/
ads.viralize.tv/track/ Frame 5D21 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfc7be8e90ba4b575b63621e31%3A0%3AYWRuXzU5MDWV50jyfwo5FQ%3D%3D~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5MDWV50jyfwo5FQ%3D%3D~wp9sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec11cfc7be8e90ba4b575b63621e31%3A0%3AYWRuXzYwMzne7x9rsv40Jg%3D%3D~wp10sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
pixel.gif
px.moatads.com/ Frame 163E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-SRU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631234465813&de=65749779014&cu=1631234465813&m=1150&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A331%3A331%3A1025%3A121&aa=1&ad=1008&cn=1008&gn=1&gk=1008&gl=1008&ik=1008&ic=1008&ez=1&co=1008&cp=907&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=907&cd=907&ah=907&am=907&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5602466%3A3529837&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=1859672860&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.150.58 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-150-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 00:41:07 GMT
widget.81c6784b5877a281166d.js
c.bannerflow.net/scripts/ Frame C50E 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.81c6784b5877a281166d.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc57?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
407837d8c439977d467f0868cc7be102ffbe3e0d354b3375cbf5d60804d98fd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
iPO6K46q8/CbzZoIAMTVog==
age
3453087
cf-polished
origSize=19905
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jul 2021 12:49:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9110105e-e01e-006a-5a74-86350e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
68c49bdb6a41fcad-VIE
cf-bgj
minify
feed.72c1100847dd73ecbd0a.js
c.bannerflow.net/scripts/ Frame C50E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/feed.72c1100847dd73ecbd0a.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc57?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09a1035ead5512982d8e543a9f0ca11d44a49f301e105236bd0f32cf6da3e120

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
mCALpUEGzShtLdm5CRhzxA==
age
3601329
cf-polished
origSize=5343
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jul 2021 12:49:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
28f03ba1-f01e-0082-641b-85ac98000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
68c49bdb6a44fcad-VIE
cf-bgj
minify
document.926509ef70.js
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966808/1214684/ Frame C50E 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/966808/1214684/document.926509ef70.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc57?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e3923321e38333574512073e08311bccc56afe6f0aacb5fedf6a3fba784db8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
kmUJ73As7eomSNyh+N2xhA==
age
83279
cf-polished
origSize=109037
x-ms-lease-status
unlocked
last-modified
Tue, 10 Aug 2021 11:20:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cf9512e2-201e-005a-5c1a-a58bc1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
68c49bdb6a45fcad-VIE
cf-bgj
minify
animated-creative.3e2f59a6b242873c0282.js
c.bannerflow.net/scripts/ Frame C50E 		131 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.3e2f59a6b242873c0282.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a76f4256010b5f790cc57?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21e8894208f8d634fc7efcad5afa5d3bef4a18a9525d01392cddb6b808691c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3uwMcSr/fpqz/DEHIqBWYw==
age
3601329
cf-polished
origSize=133712
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jul 2021 17:12:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
837205d7-401e-0011-771b-857792000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
68c49bdb6a47fcad-VIE
cf-bgj
minify
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4823 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234465
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; chkChromeAb67Sec=1; DPSync3=1632441600%3A201_197_219%7C1631318400%3A174; SyncRTB3=1632441600%3A234_204_189_231_56_99_176_21_3_8_55_165_88_7_81_230_161_22_166_220_71_222_13_54%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1631836800%3A223_15_2; KRTBCOOKIE_57=22776-8753280251054543738; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&16514-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&23025-CAESENTIr-0_0qIBssK1GrxVwuA; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_409=22966-mP6c8yWZTjRovg8LPKj3XdLp; KRTBCOOKIE_153=19420-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR&KRTB&22979-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR; KRTBCOOKIE_1101=23040-7006098674996082839; KRTBCOOKIE_22=14911-8632571902530157938; KRTBCOOKIE_377=6810-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&22918-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&23031-be919faa-1a75-4dee-97fe-3f0e168429c9; KRTBCOOKIE_27=16735-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&16736-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23019-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23114-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2; SPugT=1631234463; KRTBCOOKIE_391=22924-5802539667209419446&KRTB&23263-5802539667209419446; KRTBCOOKIE_466=16530-fdbbf0d3-14c9-4e18-beb2-1f263514daae; KRTBCOOKIE_336=5844-9109962894328357128; KRTBCOOKIE_594=17105-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&KRTB&17107-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003; PugT=1631234464; KRTBCOOKIE_218=22978-YTqpoAAAVIlJPAAT&KRTB&23194-YTqpoAAAVIlJPAAT&KRTB&23209-YTqpoAAAVIlJPAAT&KRTB&23244-YTqpoAAAVIlJPAAT; KRTBCOOKIE_1074=22956-e_41fcf18c-4708-488e-894a-d8c42b5365c8; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=119650
expires
Sat, 11 Sep 2021 09:55:17 GMT
date
Fri, 10 Sep 2021 00:41:07 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame CFE0 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234465
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=119650
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Sat, 11 Sep 2021 09:55:17 GMT
auction_multi
am-0.moevideo.biz/ssp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:07 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
auction_multi
am-0.moevideo.biz/ssp/ Frame 87C7 		2 B
472 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:07 GMT
X-Balancer-Name
f54
Last-Modified
Fri, 10 Sep 2021 00:41:07 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
f54
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
analytics.js
www.google-analytics.com/ Frame 87C7 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1414
date
Fri, 10 Sep 2021 00:17:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 02:17:33 GMT
ads-async.js
ad.mail.ru/static/ Frame 87C7 		193 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
d0d2b70ff09df898f2652af487149d55391a4088ad738ad9f69286ef5e734811

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:07 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
193
Expires
Fri, 10 Sep 2021 00:51:07 GMT
AdRiverFPS_MV.js
content.adriver.ru/banners/0007207/0007207973/0/ Frame 87C7 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=186662e8883042b41dc9
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.96.52 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
last-modified
Fri, 09 Apr 2021 14:49:31 GMT
server
nginx
etag
"6070697b-26a8"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
9896
expires
Fri, 10 Sep 2021 01:41:07 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4823 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64215362&p=156962&s=795650&a=3435608&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b0373085b66528d11e38de4b36e037830f7e883dc699dc9929c01cdf6185289a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1595
content-type
text/html; charset=UTF-8
storage.html
moe.video/ Frame BCA7 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.12 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f41.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:44:00 GMT
ETag
W/"612cc480-4783"
X-My-Name
s33
X-My-Reqtime
0.080
X-B-Name
f41
Content-Encoding
gzip
storage.html
moe.video/ Frame EEBF 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.12 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f41.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:44:04 GMT
ETag
W/"612cc484-4783"
X-My-Name
s45
X-My-Reqtime
0.093
X-B-Name
f41
Content-Encoding
gzip
Pug
simage2.pubmatic.com/AdServer/ Frame 9DF7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kVIHXRy11MouBk5&gdpr=0&gdpr_consent=
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kVIHXRy11MouBk5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kVIHXRy11MouBk5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; KRTBCOOKIE_57=22776-8753280251054543738; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&16514-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&23025-CAESENTIr-0_0qIBssK1GrxVwuA; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_409=22966-mP6c8yWZTjRovg8LPKj3XdLp; KRTBCOOKIE_153=19420-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR&KRTB&22979-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR; KRTBCOOKIE_1101=23040-7006098674996082839; KRTBCOOKIE_22=14911-8632571902530157938; KRTBCOOKIE_377=6810-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&22918-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&23031-be919faa-1a75-4dee-97fe-3f0e168429c9; KRTBCOOKIE_27=16735-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&16736-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23019-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23114-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2; SPugT=1631234463; KRTBCOOKIE_391=22924-5802539667209419446&KRTB&23263-5802539667209419446; KRTBCOOKIE_466=16530-fdbbf0d3-14c9-4e18-beb2-1f263514daae; KRTBCOOKIE_336=5844-9109962894328357128; KRTBCOOKIE_594=17105-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&KRTB&17107-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003; PugT=1631234464; KRTBCOOKIE_218=22978-YTqpoAAAVIlJPAAT&KRTB&23194-YTqpoAAAVIlJPAAT&KRTB&23209-YTqpoAAAVIlJPAAT&KRTB&23244-YTqpoAAAVIlJPAAT; KRTBCOOKIE_1074=22956-e_41fcf18c-4708-488e-894a-d8c42b5365c8; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1632441600%3A226_227_201_197_219_221%7C1633824000%3A232%7C1631318400%3A174; SyncRTB3=1631836800%3A2_223_15%7C1636416000%3A69%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1632441600%3A166_233_99_8_165_81_3_7_176_104_234_56_88_13_57_21_222_22_220_71_54_204_189_231_161_55_230_5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:kVIHXRy11MouBk5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:07 GMT; path=/ PugT=1631234467; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 00:41:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:07 GMT; path=/
x-lat
lhrpug009:0:424
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 10 Sep 2021 00:41:06 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kVIHXRy11MouBk5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-675-ga433434#rel-ec2-master i-0ba344ce46fae568e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=kVIHXRy11MouBk5; Domain=.w55c.net; Expires=Mon, 10-Oct-2022 00:41:07 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 10-Oct-2021 00:41:07 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync
match.bnmla.com/ Frame 4D88 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:07 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 8B15
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:762AF14F632641BB920CDABAF016FA99
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:762AF14F632641BB920CDABAF016FA99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:762AF14F632641BB920CDABAF016FA99
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; KRTBCOOKIE_57=22776-8753280251054543738; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&16514-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&23025-CAESENTIr-0_0qIBssK1GrxVwuA; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_409=22966-mP6c8yWZTjRovg8LPKj3XdLp; KRTBCOOKIE_153=19420-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR&KRTB&22979-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR; KRTBCOOKIE_1101=23040-7006098674996082839; KRTBCOOKIE_22=14911-8632571902530157938; KRTBCOOKIE_377=6810-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&22918-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&23031-be919faa-1a75-4dee-97fe-3f0e168429c9; KRTBCOOKIE_27=16735-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&16736-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23019-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23114-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2; SPugT=1631234463; KRTBCOOKIE_391=22924-5802539667209419446&KRTB&23263-5802539667209419446; KRTBCOOKIE_466=16530-fdbbf0d3-14c9-4e18-beb2-1f263514daae; KRTBCOOKIE_336=5844-9109962894328357128; KRTBCOOKIE_594=17105-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&KRTB&17107-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003; PugT=1631234464; KRTBCOOKIE_218=22978-YTqpoAAAVIlJPAAT&KRTB&23194-YTqpoAAAVIlJPAAT&KRTB&23209-YTqpoAAAVIlJPAAT&KRTB&23244-YTqpoAAAVIlJPAAT; KRTBCOOKIE_1074=22956-e_41fcf18c-4708-488e-894a-d8c42b5365c8; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1632441600%3A226_227_201_197_219_221%7C1633824000%3A232%7C1631318400%3A174; SyncRTB3=1631836800%3A2_223_15%7C1636416000%3A69%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1632441600%3A166_233_99_8_165_81_3_7_176_104_234_56_88_13_57_21_222_22_220_71_54_204_189_231_161_55_230_5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:07 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:07 GMT; path=/
x-lat
lhrpug011:0:412
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 10 Sep 2021 00:41:07 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:762AF14F632641BB920CDABAF016FA99
expires
Thu, 09 Sep 2021 00:41:07 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 9CB8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VcaibnwWRb5BtkCfnIBbYMIkbBM
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VcaibnwWRb5BtkCfnIBbYMIkbBM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VcaibnwWRb5BtkCfnIBbYMIkbBM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; KRTBCOOKIE_57=22776-8753280251054543738; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&16514-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&23025-CAESENTIr-0_0qIBssK1GrxVwuA; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_409=22966-mP6c8yWZTjRovg8LPKj3XdLp; KRTBCOOKIE_153=19420-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR&KRTB&22979-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR; KRTBCOOKIE_1101=23040-7006098674996082839; KRTBCOOKIE_22=14911-8632571902530157938; KRTBCOOKIE_377=6810-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&22918-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&23031-be919faa-1a75-4dee-97fe-3f0e168429c9; KRTBCOOKIE_27=16735-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&16736-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23019-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23114-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2; SPugT=1631234463; KRTBCOOKIE_391=22924-5802539667209419446&KRTB&23263-5802539667209419446; KRTBCOOKIE_466=16530-fdbbf0d3-14c9-4e18-beb2-1f263514daae; KRTBCOOKIE_336=5844-9109962894328357128; KRTBCOOKIE_594=17105-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&KRTB&17107-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003; KRTBCOOKIE_218=22978-YTqpoAAAVIlJPAAT&KRTB&23194-YTqpoAAAVIlJPAAT&KRTB&23209-YTqpoAAAVIlJPAAT&KRTB&23244-YTqpoAAAVIlJPAAT; KRTBCOOKIE_1074=22956-e_41fcf18c-4708-488e-894a-d8c42b5365c8; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1632441600%3A226_227_201_197_219_221%7C1633824000%3A232%7C1631318400%3A174; SyncRTB3=1631836800%3A2_223_15%7C1636416000%3A69%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1632441600%3A166_233_99_8_165_81_3_7_176_104_234_56_88_13_57_21_222_22_220_71_54_204_189_231_161_55_230_5; KRTBCOOKIE_107=1471-uid:kVIHXRy11MouBk5; PugT=1631234467
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-VcaibnwWRb5BtkCfnIBbYMIkbBM; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:07 GMT; path=/ PugT=1631234467; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 10-Oct-2021 00:41:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Dec-2021 00:41:07 GMT; path=/
x-lat
lhrpug008:0:515
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 00:41:07 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VcaibnwWRb5BtkCfnIBbYMIkbBM
Set-Cookie
sa-user-id=s%3A0-55c6a26e-7c16-45be-41b6-409f9c805b60.s8dnR4p2%2BTU0GK6WC3RpY5rsDdUjc61iV%2F9A7BZqBJg; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-55c6a26e-7c16-45be-41b6-409f9c805b60%24ip%24194.36.108.19.A20iKBgUa2y2Psneei6IM3db5dn0OkhuH%2FE3RWtqzyg; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame 4823
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=99B50716-645B-4619-885E-FF6900806EF8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=99B50716-645B-4619-885E-FF6900806EF8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=99B50716-645B-4619-885E-FF6900806EF8&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=99B50716-645B-4619-885E-FF6900806EF8&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 10 Sep 2021 00:41:07 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=99B50716-645B-4619-885E-FF6900806EF8&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 4823
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=99B50716-645B-4619-885E-FF6900806EF8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=99B50716-645B-4619-885E-FF6900806EF8&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=99B50716-645B-4619-885E-FF6900806EF8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:06 GMT
frontend-id
14
location
/pubmatic/1/info2?sType=sync&sExtCookieId=99B50716-645B-4619-885E-FF6900806EF8&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4823 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=99B50716-645B-4619-885E-FF6900806EF8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
68c49bdcdae30d6b-VIE
access-control-allow-headers
*
content-length
95
/
loadm.exelator.com/load/ Frame 4823 		0
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=99B50716-645B-4619-885E-FF6900806EF8&gdpr=0&gdpr_consent=&j=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Pug
simage2.pubmatic.com/AdServer/ Frame 4823
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c966c27b-11cf-11ec-a9a1-2972a6622f69&gdpr=0&gdpr_consent=
1 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c966c27b-11cf-11ec-a9a1-2972a6622f69&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:485
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c966c27b-11cf-11ec-a9a1-2972a6622f69&gdpr=0&gdpr_consent=
Date
Fri, 10 Sep 2021 00:41:06 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
c966c27c-11cf-11ec-a9a1-2972a6622f69
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
vast
bid.g.doubleclick.net/dbm/ 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BzaBoxSNrjOYgSJ1wKArQW0dkU_XTP4d-VuvxQh_XOB8wfZuJgz5VyNgY8b87W1h5CWcFGAs6I9pHvqzHE_5bGk7ZzTA&cry=1&dbm_d=AKAmf-BoKMJVMJgat784vE04zEeNgLLooVpT4rhNm5w5REpmrzI-Nkc1Y7bSbeBcUVVMih6h13DmCzTFyo1VvjaYmiq_m9mvXikOYpTOyPtqEWE4pxWtgZdhSG--kp0InYtsbMutA5OJQFxvzCVGtS6ocZeR5H4FSHiJ_TW_pIK8XsQcGw6kxKl3Dj9isxEtBIJcYt4A3mpHG7AXtwn2C2B9y8BxJGcyRTLWT8U3xbosMr6gG_RsYXsw-zvJoGf0hwN3ANnMnZn2CXWEGVbGalS2RHz8LSN5ghNvimcoWWGMOyY1n0cOtG1LvneYIToUOBoX-RXwv3pqkk3jorrCL3Iu8FA2YVtp3qvcdyfKJweMkRizNFNovfLs-itPEfn8Sk1W1k9Ojas7Vhvs0CRcHoHXjVvFSamfXD_6MCNrlFhdYyCqaL6oHJrSZaigcgtW1-lwuRWWQzT8njsHB63X4ikhz4j122w4YBdKQMq4V9TEWVjh0TmLLX_ryHoa360Vi78iHTjq2k9DW9FVGd4zLdEDMJ50WB5kOj1Tp-AyjC3WAiuEY0FDlYPLP0gU5mxAQS4U7swYh4cxXuqyaFn6S8gnRyiQAFYRfXV6CMq_lWib9LvecxD4tBI9nnHMiwiMym_BFaWwQxDuPqunnUTv1AARd5sKqAmTe77Ep5hHap-a2NHDcPeASL2uoUg6vCzVVc6mt5HtviyVQoUE8phwfvAyDQG5gKODKeAb3iSDhrSHfAk3yHdwGdFyJdaSiV00jemhVfs9FnQGcAfInKUIlhcl0e9iA9jor98o-I37EzJEGaZoDDi_MfNluVtht1BVhHx_x6abNr6By7FHaGUn3H0ojd2KJwFZYY27JMr4uj72Yu5ZmirxRdwoB87Nd4xEfsbKyvOED9f3zTP7f8b_OP9jUC2ecqwcDBY0seAEETY70hVqgUTnneESBZ0Ma0meWeKgExR3kdi9n7ZAQqvXcqMLwcNz1dFKvIiUKvIywoxwk-iXtRBVlVHsju6PnTsP-wjA80YJEewCIasEOi8OKqY2crHIDfhi7gG4khcgZBwFEa9X-KsKmo3dS0N8KP1B4dKgIxtFat85DWgPH74x2mq2CkEjWq-L81ktpNN219xJixuljETf-qHWclK4FBI7Zq9cHGzH89iCqjNhIkJr3OvWTeQMY9yUU77GafZ4Vr2seBbU_j-vdfFixPrIw0zCMGLUS6S9sUAmZZOBBHQZJsIXl7WMjxCYvrpWW3r6eZxpiSlXEJcNm14-mBA6hY7iOQsT8w7f5ePzQWTa-BgDrtRkRg_klHld6QqBPV1wnnhdjEJNMmPk3PSNq1tywLj1AszO-6E4brgK9PS0LOf1HkHJa3VhZQoud-9y7o11IM4uH96BT-9j-R3NxQsxb1JY3QXzmewAwmBJkK0q4wt7_QUUT9HC5OHuFEHjluoDsIZIOQh6PaxLs8jomyu88_gIProf7fxUssgMnPf9y1z-qEKt5SaufnpsSDmoL4mWtB69T4Oy6quv6dlr_3VGLBQAWS1laEvw7B-U7-P48YsjO9ZQcisjIq7x7YSrGqGScJ_BJfyr8XMZQ9lWeDhKroClugKn_A0QpfAXNEzHeg5zU18OWliP3rc96dBukyEQyK0aiiO69YMa70tNj7Vza0SBT2SyYYeGD7yhR2YRXSUG4RiRuCnfczqX6VsswBJGaPcSwB_2ljZbv2J82jR7ktfv3CcOu_osxwRhHGfi2IsvNqf8SSKEmyRO54byKvJsKRHxPdVxQPOOqA-RpiAmw2bwaU51ddhNHsXj0crhVQeciAsPzydMlhzlsZrJTFLEW4IuLs7nkW3L7deWKWD38W-2BpFWF8WNLtzzFpNBHnx26sulkaH4INutxOdiyUbufMM3Y66UbUcn4Lfvh6bBViYZbT69Yy4jSqkGUyr9KsfzfOMHtKsAGkF-gkITNSMxAawwyMWxcPTPhC3e0t4KIoIneULhXbo4ByS8xHj-YkVDSillf4NkWzYb4Sxm31enLz5cdqYaY2JcrA7TfuKx0OWWJRLl6sU5TBFHMjvyLx5pi77GYDZvO89e_Srb95T2kVmkINB7kf1yCHloeVNGPPlcc2QR7QAz2W-ajFDBmysOdw8SqEekWMvMP8Y2ApGiqFKgv9aNWODwcSJu_71Ntv_0umd6l5dDGzeOWbJFh9-aNFpl3mUaMG7rdmQQ-pfPSh6pQT0SVvfAVo7KFmcQQ1yXfya3sxbG9hlyc7wmuwi0N7Wuy-e-IWkY3ZMEf9JLxTuDE9sxppqkMGh3b6za9RswSJ-31mKMqyuQhc6Y2OA-D6Z5u9dLIM7zNmgPBO7yHu-yE_TjDiUWGTJ4c-0KZ5nLwNIWDi8-peMs6lTbcGkN6CuqYMpUDWnHHM-HnGAiBO5v8WgaIQ4fbFYJV7OanvEkJds1bzjT9zLiqbC9UT1ao2011U5EXzJdBGg5hWZpAeROQI4kSOD7ywBwHPAAZuCB1XeM_iD3pmWPVQjn5Qykww8jvFvIOx9xxYkPkW49WTnlenOTIrFfoijhBliJciCvAqAqQWRLw6gFJ8fmyVBfYpvqdUYpwqycTpix6OoaLhfUstvYBjHStdt9oWUdHliTAdViuTHxVzM47wIQkOY2KIEAaOT-BhwrExQyypyG343NwT-FkYVgPy6VTWVER5V7qPZ27PgFblOwxxORoWtblDuykcgB5NAmuXJbUM1qhT8dbmSFNUx0JHyXbGaY2rpDul1dqZ91pv_pbneJXBhUVqN0lc7IRx2SuqYQHY2TP89aq0jzszHCd8zmC792JR5CxfXQTmw0cty-Gl-FVNXgxFxep0WAnMoGzXMl90y2oQ5sJo9umKNKnon0gp4U7C-2590oepxzjVV0rW-eozeRClTgPeaebjJaDmYrSUJOzPF_LKRGbXIlAqy9adKkwLpDEtXAy8qT2mhfOpM6eA3aelTSR4vnNgDSe884Bpkn_YgU18CPNcgTPuOiZIVA86lpn0P1tAhQYInLpq_B7UMr_S89FyUTVxVNb-jUv-cI0d8_TmggdsGEov4&cid=CAASBORoDcI&pr=63:0.2365344166447954
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f156.1e100.net
Software
cafe /
Resource Hash
069324895c2a40625e5287e5956f6197d9d57d3416db1880ea827be69db439da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4764
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631234467255.3286&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fspadebook33&t=117&v=96&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.8370452984742351
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:07 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631234467255.3286&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fspadebook33&t=122&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.5592403379801643
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:07 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
389706
ad.mail.ru/vast/ Frame 87C7 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=5869703&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
389706
ad.mail.ru/vast/ Frame 87C7 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=4482684&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
vast
stats.seedr.com/ Frame 87C7 		766 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.seedr.com/vast?gid=5a422ce95f366efa348b462b&sc=2453591051&pr=6884593
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.194.45 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host45.seedr.ru
Software
nginx /
Resource Hash
b6d226b553d2c71ae08ba613555065baeb7f6870717e2c25cf544f22f991700e

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:07 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
174627
ad.mail.ru/vast/ Frame 87C7 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/174627?rand=1806834&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:07 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
truncated
/ Frame C50E 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
ad
v.lkqd.net/ Frame CE53 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=25058049&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
b13f2b7e8fb211126ea79de91f437593e32a81cb9fe19336ebc6f63a8d9be88e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1358
60d0815c37670160b4539414.json
c.bannerflow.net/sfeeds/581701278d987c10bca61aed/ Frame C50E 		19 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/sfeeds/581701278d987c10bca61aed/60d0815c37670160b4539414.json
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/feed.72c1100847dd73ecbd0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9b1f42d0a9b100d27138d26ebcacaff27ec31f617b67a209bfe8a3362124d54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
53
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=600, stale-if-error=28800, stale-while-revalidate=28800
cf-ray
68c49bdd0b00fcad-VIE
request-context
appId=cid-v1:75ea8019-1544-4ba8-a6db-e73bdcff9d5b
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631234467255.3286&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fspadebook33&t=231&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.14905274916356892
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:07 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
font
c.bannerflow.net/fs/api/v2/ Frame C50E 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F7b49bac3-4e85-4c34-b3ea-72a1852603f7.woff&t=%20%24%2C%2F012356%40ABCDEHINORSUZkmnortux%C2%A3%E2%82%AC%E2%82%B9
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df35e3fd1bfa989bc9d40d5fbade2bfe0e7fb988075904e0466bf2f686e98cf

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin
https://c.bannerflow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cf-cache-status
HIT
server
cloudflare
age
2774404
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=7b49bac3-4e85-4c34-b3ea-72a1852603f7-subset.woff
cf-ray
68c49bdd5b20fcad-VIE
expires
Mon, 08 Aug 2022 22:01:03 GMT
font
c.bannerflow.net/fs/api/v2/ Frame C50E 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F8586c66f-7c84-4e0e-881c-e8dca530b008.woff&t=%20%26%27%2B.18%40ACEGKSTVacdeghijklmnoprstuvxy%7C%C3%A4%C3%A5%C3%BC%D8%A3%D8%A7%D8%A8%D8%AA%D8%AD%D8%B1%D8%B4%D8%B7%D9%82%D9%83%D9%84%D9%85%D9%88%E0%A4%82%E0%A4%94%E0%A4%97%E0%A4%A4%E0%A4%A8%E0%A4%AE%E0%A4%AF%E0%A4%B0%E0%A4%B2%E0%A4%B6%E0%A4%BE%E0%A4%BF%E0%A5%82%E0%A5%87%E0%A5%8D
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f6c03cccecbac19d9d426c947fc96e3896a05a897a9954fca8e222cd894745

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin
https://c.bannerflow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cf-cache-status
HIT
server
cloudflare
age
2638771
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=8586c66f-7c84-4e0e-881c-e8dca530b008-subset.woff
cf-ray
68c49bdd5b21fcad-VIE
expires
Wed, 10 Aug 2022 11:41:36 GMT
font
c.bannerflow.net/fs/api/v2/ Frame C50E 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F42eeb52d-4ab8-44ad-9b90-6a5b55a7192c.woff&t=%20%27%40ACDEGIJKLNORSTYetx%C3%96%D8%A5%D8%B6%D9%85%D9%86%E0%A4%82%E0%A4%95%E0%A4%9C%E0%A4%9F%E0%A4%B0%E0%A4%B8%E0%A4%BF%E0%A5%87%E0%A5%8D
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8687b424cb02389f232920f0d33849c3d8ac57bfe400c13f5e5aef0c8851a4b

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a76f4256010b5f790cc57&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5602466%3B3529837%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fbetway.de%2Fbwp%2Fsports-welcome-mr-instinkt-soccer-de%2Fde-de%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin
https://c.bannerflow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cf-cache-status
HIT
server
cloudflare
age
2456088
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=42eeb52d-4ab8-44ad-9b90-6a5b55a7192c-subset.woff
cf-ray
68c49bdd5b22fcad-VIE
expires
Fri, 12 Aug 2022 14:26:19 GMT
file.mp4
r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662770467/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662770467/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662770467/sparams/acao,ctier,expire,id,ip,ipbits,ita...
2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662770467/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0FAA5CB4ACC4E7EA10558C68E04E7D9AB9691509.18CF61082C9CF5B6D65C3DA7169EA80EAE6C3C8B/key/cms1/cms_redirect/yes/mh/Tu/mip/2001:ac8:36:6:207::1/mm/42/mn/sn-4g5lznes/ms/onc/mt/1631233885/mv/u/mvi/3/pl/48/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:10::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2c95edb514059559d1aafd3345ece82176c76390deb4225914c4eafface4c3f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Aug 2020 18:00:03 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2260355/2260356
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2260356
Expires
Fri, 10 Sep 2021 00:41:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/342/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1662770467/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0FAA5CB4ACC4E7EA10558C68E04E7D9AB9691509.18CF61082C9CF5B6D65C3DA7169EA80EAE6C3C8B/key/cms1/cms_redirect/yes/mh/Tu/mip/2001:ac8:36:6:207::1/mm/42/mn/sn-4g5lznes/ms/onc/mt/1631233885/mv/u/mvi/3/pl/48/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame 7775 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631234467.cds017.fr8.hn,1631234467.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
optimize
c.bannerflow.net/io/api/image/ Frame A0DF 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Fe56741f2-e1b9-4438-b2ab-ed263b2e70c2.png&w=104&h=90&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9811c1becea5c0c134342f37f302f4362f781675ae5e131f45e8a5434a97d2d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
31140
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
68c49bde7b9cfcad-VIE
content-length
3454
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
717f7a99-6bee-4744-a66c-3442b78fe3e7.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame A0DF 		27 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/717f7a99-6bee-4744-a66c-3442b78fe3e7.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1dd11385bf9a9e2e67c1107000d9e30010e95da3ef8b8c29b1b5c5071546595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
JDZegjfRvShKsHUH2G1lsg==
age
1551
x-ms-lease-status
unlocked
last-modified
Mon, 21 Jun 2021 11:53:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b3116cad-a01e-0026-20a0-8ca53e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
68c49bde7b9ffcad-VIE
60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame A0DF 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115d3d222e948b73289c8180d4c821ae08feed8d7c3c62d7abff966e1f890bbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7YVF1fdK2DQLVpofOPigCA==
age
1858
x-ms-lease-status
unlocked
last-modified
Wed, 02 Jun 2021 09:28:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f921f526-e01e-0008-16a0-8cf729000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
68c49bde7ba0fcad-VIE
6E98B6.js
r.mradx.net/img/58/ Frame 87C7 		185 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.mradx.net/img/58/6E98B6.js
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:db00::28 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7568bf67bec31079e13d3eea3a735e7cf5179c15d6deb65822ce6c9bd23df350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Jun 2021 07:24:19 GMT
Server
nginx
ETag
W/"60dacaa3-2e478"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 31 Dec 2037 23:55:55 GMT
9e2bc361-3646-41a4-a61c-2f9c8b372d9d.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame A0DF 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/9e2bc361-3646-41a4-a61c-2f9c8b372d9d.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a566ae2a1e7934ac507ab1f3f7b34f7f7d4a2ecf6463c98cb1b2305e8efb19f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
z/n/saqDL/0Fn4YhkL3Dgg==
age
6329
x-ms-lease-status
unlocked
last-modified
Wed, 21 Jul 2021 11:46:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fc06ed27-601e-004b-20a0-8c1175000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
68c49bdecbc6fcad-VIE
optimize
c.bannerflow.net/io/api/image/ Frame A10F 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Ffa473745-880c-42d3-9470-5aed7b5ae848.png&w=136&h=135&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a59b390e99d47d3ca482d8700fdbd3020d14599032b754704d1db390e858d92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
84332
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
68c49bdf0be2fcad-VIE
content-length
7692
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
AdServerServlet
vid.pubmatic.com/AdServer/ Frame CFE0 		27 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234465&us_privacy=&cb=1631234467111&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fspadebook33&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fspadebook33&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-10%200:41:7&ranreq=0.3613426708725287&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234465
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
content-type
application/xml; charset=utf-8
usync.html
ad.lkqd.net/cookie-sync/ Frame 9D1B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631234467.cds017.fr8.hn,1631234467.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 7775 		51 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=25058049&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d07d773625380e1710faf4d8711224be59bb7aa38e01c3137c21d6bb5d35df63

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3844
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=25058049&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:07 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
nr-vpaid.min.js
cdn01.nativeroll.tv/js/ Frame D60E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
61732724ef457a86cb694449dcd434f954d42a2b50d873a96745f1a7ebac7aca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
tp-up-gc11
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
server
nginx
etag
W/"613781fc-33da"
vary
Accept-Encoding
x-cached-since
2021-09-09T22:42:00+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 07 Sep 2021 18:33:55 GMT
track
aktrack.pubmatic.com/ Frame CFE0 		0
0
optimize
c.bannerflow.net/io/api/image/ Frame A10F 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2Ffa473745-880c-42d3-9470-5aed7b5ae848.png&w=136&h=135&q=90&f=webp&rt=contain
Requested by
Host:
URL: widget-8200efd6-b00e-4bba-85ac-159146eeebcd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a59b390e99d47d3ca482d8700fdbd3020d14599032b754704d1db390e858d92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
84332
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
68c49bdfcc50fcad-VIE
content-length
7692
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
track
aktrack.pubmatic.com/ Frame 5D21 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=795650&a=3435608&ts=1631234466&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.112.228 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-112-228.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
content-length
0
content-type
text/html
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631234467255.3286&type=LOADED&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fspadebook33&t=672&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.1727318192033518
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:07 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
storage.html
moe.video/ Frame BE5F 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.12 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f41.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:42:53 GMT
ETag
W/"612cc43d-4783"
X-My-Name
s26
X-My-Reqtime
0.086
X-B-Name
f41
Content-Encoding
gzip
cs
cs-0.moevideo.biz/ssp/ Frame 87C7
Redirect Chain
  • https://moevideo-sync.rutarget.ru/sync
  • https://cs-0.moevideo.biz/ssp/cs?d=1&b=0tg3WBmcLP5q
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=1&b=0tg3WBmcLP5q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.145 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f49.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

Location
https://cs-0.moevideo.biz/ssp/cs?d=1&b=0tg3WBmcLP5q
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
match
dm.hybrid.ai/ Frame 87C7 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=117
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
101
x-xss-protection
1; mode=block
expires
-1
moevideo
px.adhigh.net/p/cm/ Frame 87C7
Redirect Chain
  • https://px.adhigh.net/p/cm/moevideo?u=186662e8883042b41dc9
  • https://px.adhigh.net/p/cm/moevideo?u=186662e8883042b41dc9&bounced=1
49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/moevideo?u=186662e8883042b41dc9&bounced=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.151 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
server
nginx
x-backend-id
f12-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f12-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/moevideo?u=186662e8883042b41dc9&bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.bumlam.com/ Frame 87C7
Redirect Chain
  • https://sync.bumlam.com/?src=moe2&uid=186662e8883042b41dc9
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABij0-qJBlIFst3qqQtiFDE4NjY2MmU4ODgzMDQyYjQxZGM5
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARij0-qJBlIFst3qqQtiFDE4NjY2MmU4ODgzMDQyYjQxZGM5ogEQyaH__BHPEeyG4AAlkMBkfA**
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQABij0-qJBmIUMTg2NjYyZTg4ODMwNDJiNDFkYzmiARDJof_8Ec8R7IbgACWQwGR8
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQARij0-qJBmIUMTg2NjYyZTg4ODMwNDJiNDFkYzmiARDJof_8Ec8R7IbgACWQwGR8
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=moe2&s_data=CAIQARij0-qJBmIUMTg2NjYyZTg4ODMwNDJiNDFkYzmiARDJof_8Ec8R7IbgACWQwGR8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
ETag
c9a1fffc-11cf-11ec-86e0-002590c0647c
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=moe2&s_data=CAIQARij0-qJBmIUMTg2NjYyZTg4ODMwNDJiNDFkYzmiARDJof_8Ec8R7IbgACWQwGR8
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
cs
cs-0.moevideo.biz/ssp/ Frame 87C7
Redirect Chain
  • https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=186662e8883042b41dc9&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D
  • https://e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8.mitdmp.whiteboxdigital.ru/redirect?miid=e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3De4a0d02b-098...
  • https://cs-0.moevideo.biz/ssp/cs?d=51&b=e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=51&b=e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.145 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f49.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx/1.21.0
Location
https://cs-0.moevideo.biz/ssp/cs?d=51&b=e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length
0
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 87C7 		42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.39 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:07 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
image/gif
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs-0.moevideo.biz/ssp/ Frame 87C7
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D
  • https://cs-0.moevideo.biz/ssp/cs?d=81&b=a0dc1d96-75d4-44ca-65bc-865fe3406601
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=81&b=a0dc1d96-75d4-44ca-65bc-865fe3406601
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.145 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f49.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

location
https://cs-0.moevideo.biz/ssp/cs?d=81&b=a0dc1d96-75d4-44ca-65bc-865fe3406601
date
Fri, 10 Sep 2021 00:41:07 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
cs
cs-0.moevideo.biz/ssp/ Frame 87C7
Redirect Chain
  • https://sync.upravel.com/moevideo/sync
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
  • https://9a7eb090-76c1-4547-a6f7-d6139ca6932c.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
  • https://cs-0.moevideo.biz/ssp/cs?d=91&b=9a7eb090-76c1-4547-a6f7-d6139ca6932c
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=91&b=9a7eb090-76c1-4547-a6f7-d6139ca6932c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.145 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f49.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

date
Fri, 10 Sep 2021 00:41:08 GMT
server
nginx
location
https://cs-0.moevideo.biz/ssp/cs?d=91&b=9a7eb090-76c1-4547-a6f7-d6139ca6932c
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
content-type
image/png
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
JanqCNShRdiPRjJLRo2adQ
an.yandex.ru/setud/mts_banner/ Frame 87C7
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=186662e8883042b41dc9
  • https://sm.rtb.mts.ru/match/second?ssp=moevideo&exu=186662e8883042b41dc9
  • https://tech.rtb.mts.ru/?dsp_uid=25a9ea08-d4a1-45d8-8f46-324b468d9a75&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FJanqCNShRdiPRjJLRo2adQ%3Fsign%3D3331683762
  • https://an.yandex.ru/setud/mts_banner/JanqCNShRdiPRjJLRo2adQ?sign=3331683762
43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/JanqCNShRdiPRjJLRo2adQ?sign=3331683762
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 00:41:08 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 10 Sep 2021 00:41:08 GMT

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/JanqCNShRdiPRjJLRo2adQ?sign=3331683762
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
moevideo
sync.dmp.otm-r.com/match/ Frame 87C7 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/moevideo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 00:41:07 GMT
server
nginx/1.17.6
myvideo-sync
rtb.com.ru/ Frame 87C7 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/myvideo-sync?uid=186662e8883042b41dc9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.186 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
match
ads.betweendigital.com/ Frame 87C7 		0
0
collect
dx.frontend.weborama.com/ Frame 87C7
Redirect Chain
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/embed/vpaid%3Ftoken%3DBgKKYfpisL2DMd60%252Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk%26ref%3Dviads-ask.fm%26ti...
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DBgKKYfpisL2DMd60%252Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk%26ref%3Dviads-ask...
  • https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wGFzK0v6cljA
0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wGFzK0v6cljA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.80.102 -, , ASN (),
Reverse DNS
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
via
1.1 google
last-modified
Fri, 10 Sep 2021 00:41:08 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
via
1.1 google
last-modified
Fri, 10 Sep 2021 00:41:08 GMT
server
nginx/1.12.0
location
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wGFzK0v6cljA
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
json.cgi
ad.adriver.ru/cgi-bin/ Frame 87C7 		385 B
1023 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=0;303=unavail;304=0;305=186662e8883042b41dc9;306=;307=;308=0;309=0
Requested by
Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=186662e8883042b41dc9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.39 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e90de518fa38d9bc006ecf7a2f1c5f61b712bdd7c22bd9d7676ca68c2e40a2c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:07 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Expires
Thu, 01 Jan 1970 00:00:00 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=511849672&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&rn=776620761&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631234468%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010004107%3Au%3A1631234463427757091%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631234468
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
last-modified
Fri, 10-Sep-2021 00:41:07 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:07 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52f714c3f78011bc97493a37219e75e9edf220b7e9de5e7c3f40d6644c7a3232

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		674 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a59e8d8491b501831dd2cb45a4ef16eb2aa3c8c52a80d185d39e257917472bd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631234467255.3286&type=STARTED&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=VAST&u=https%3A%2F%2Fask.fm%2Fspadebook33&t=748&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.42297409017380416
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:07 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631234467255.3286&type=IMPRESSION&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fspadebook33&t=749&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.13546542093075375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:07 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
/
adx.adform.net/adx/ssp/imp/ 		35 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.adform.net/adx/ssp/imp/?data=7TnbnHB7PJ0V5SNsbefc4_IGAzb8dUYJgds5ewra8_q1k8yWv930JJWWQIVCwURCCLpofqeeD2bPul1yb6uyH9EJ7bsu3PaB5pd6WfcFaSBnVBZwGCiPYaQcJ-SQK2rb8aJKUUMD9MvkeHap14LOufC4d2AWayshmSHZ9ZqqCO-hGhRGtORGmw2&adxvars=ia3rUCbFu7UE2Efb994J9DCEqHrBWcQGTbZtbFPppUlWft3OUgzq9HHuB2Ai5n1E6WJncinS6OA4yTltxGuHaXWbIzjnN-0UlSMxHgTp7ZPDg57qTGWLakYpEAjq9GzhDMr03kbOlxj7LmWsAdxPExb7_CQR5ZLGHNKKbxrZHQu3MYyxo2PQgam4z6nvQ6UjZ1Zfxj8CP-qHIY-QSVMd3Q2&ord=114252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fdbbf0d3-14c9-4e18-beb2-1f263514daae&ssp=adform&gdpr=&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fdbbf0d3-14c9-4e18-beb2-1f263514daae&ssp=adform&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fdbbf0d3-14c9-4e18-beb2-1f263514daae&ssp=adform&gdpr=&gdpr_consent=
date
Fri, 10 Sep 2021 00:41:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.adform.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=8753280251054543738
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=8753280251054543738
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
last-modified
Wed, 10 Apr 2019 11:14:34 GMT
server
nginx
accept-ranges
bytes
etag
"5cadd01a-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:07 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f3d40926-4d56-4369-a20f-fd807ebb9e0b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=8753280251054543738
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=4bfa5bea-ada0-4b38-9394-38ebb8b06147
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=4bfa5bea-ada0-4b38-9394-38ebb8b06147
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
last-modified
Wed, 10 Apr 2019 11:14:34 GMT
server
nginx
accept-ranges
bytes
etag
"5cadd01a-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=4bfa5bea-ada0-4b38-9394-38ebb8b06147
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
view
googleads4.g.doubleclick.net/pcs/ 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIYnbS6bXeFEsLcD98_l7mkcrPMY893n3Oy8XefZuFkLL4hIUQ8n5Ndnt1VbHEZqHVKln52KxXagOFz5HUZOCxONDwzSZTXL1538Aea700o6tRifTXe3Xew-VNj0mv9p3b2cdPyrsvFphGeg7HumQ_G8paaQtzQWejICuzkbq0ccsWawQKJwoikuQOG8TrcyYRfBX_M_LixP2KMXFtVCfrm0-AHCcDhRYU6FCkOfS7t57ePvCbrp_SvnqWGsomVb_Ple0qtJWXCQ8SpeA5xGXe2o4TiL0k5rcvNEHZmPZCt077e2m1Op809noOH42MVPlt7xJYJ_HKXq4C7zGY3z4AQ9NqVdP97-Kfsn9fcg9Vmt4vdBMz7mQi50fR5wcpQwZEBxCUJOGgRGEby0tCqLZB65A3fhW28Y-WiDgPVAWDp9oT3i3-Zji0lrO0FiUCEEDxsyleWyKOr4unDLg-W7dApJbWSAo2PneAzfYc4Wio16AwCj7UMj3ySAj51jSBKlqBiALoGKqAJAqqdVBhKIdWMFU7PMkTxHBhlkfNwnthh1Z8iJZ2UZfSyjDI_LE0lFWaQhUeBVQB8Xx8fGjcQCJguSgMrCNtnn_JtoM8G015Ugv1TN9lvGBG19-WLnRUY7retpFFgVrxJkWXTgHv677Lv8JSJuZw2TYo5JvNjfHVSOrJd_KSZmhe6TKtWtr9V1EaqevDMr26pUnK9uVFGDZ9GgKutzMcxpXrdVACEi0tPPNMN8y9i3fwdipCR0DxmfdplWX6TsBBOg0RXc8NBWf-GkeO77-occNbAXrLqAyLliNx9ujC1AXG2V2scx2pDwPZp_9mDwkfiZctewdwTe2bodgDJTo0ts1z6VcWtrWsELg9HdZ9ivfjaITsdGbF1OAft1G3IItfaZmCC2yxLNrRTnSJYiYe00_DKz9SRF8DpVpkVfvuay7M5d5uDsWwQpJqYXRDY91aA_BiJjNISMdYbFdQcf9p1LqYYrJZ7kpaaudq0FwRt1fxg7xX1cYTgMsBYd7snQYI9HeSe9TOkBIMwhg&sai=AMfl-YQQQc5fpxCk5cYv-g2lBhp8j82DSF-_OfaCzBLCHHZZbnV_9J_Yj8gVED-Qn5smDhrriE2yOveG8lCVNLYWgJ9ft7SQv8VN2Ku3gj0LIxGFUxe9J1lzKNSE7bG-bDJ6gj3U&sig=Cg0ArKJSzGlNWRRrRDIEEAE&pr=63:0.2365344166447954&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.178.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
par21s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 10 Sep 2021 00:41:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
cm.adsafety.net/
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhj1l86BASABMAE&v=APEucNW-77h5rpISeBGvHZ3odt_mPyL8t-6XtEaUKYqFtgZYJXDBI-soX-Eabj6w92flk81WQK7rUuJ-Bbx8aiRA4yqdMQ-biGLJKULEL2v7YHKJTc0NBL8
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEDCVdkH8rw5N8YZu0v1Vnls&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEDCVdkH8rw5N8YZu0v1Vnls&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=eba40a42daeed875f81f00393d985604&uid=eba40a42daeed875f81f00393d985...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1
  • https://cm.adsafety.net/?_cmsrc=ttdx&idt=100&did=be919faa-1a75-4dee-97fe-3f0e168429c9
  • https://tags.adsafety.net/v1/cm?cm_uid=CM1202109100050d000ad72cbf43e974&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Ddefault%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=eba40a42daeed875f81f00393d985604
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=eba40a42daeed875f81f00393d985604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.82.217.103 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Last-Modified
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Last-Modified
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Location
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=eba40a42daeed875f81f00393d985604
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
t
t.lkqd.net/ Frame E688 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:07 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
cs
cs.lkqd.net/ Frame 9D1B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9D1B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9D1B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9D1B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9D1B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame 0FE6 		529 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1e51fd15944329fa0576ec339cc9071c33ce181e029f486625273f41cc4db361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
tp-up-gc11
date
Fri, 10 Sep 2021 00:41:07 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
server
nginx
etag
W/"613781fc-84255"
vary
Accept-Encoding
x-cached-since
2021-09-09T23:21:34+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 07 Sep 2021 17:18:35 GMT
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
av
vidoomy-d.openx.net/v/1.0/ 		48 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=902430783&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8388339269820740594311446191,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Fspadebook33&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1799153511&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=429932227&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads.adaptv.advertising.com/a/h/ 		249 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=1400867843&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
/
onetag-sys.com/usync/ Frame 8FBE 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1631234466945
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1631234466945
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame F14A 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1631234464029
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1631234464029
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
apacdex
sync.quantumdex.io/usersync/ Frame 6CE5 		3 KB
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
05159a7a284bf9a29bfa3731f08c49fab429d4ee95646141036a61dc5833bd90

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/apacdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
content-type
text/html
set-cookie
uid=826d07eb-0cf2-4cbb-83e4-4066639efae4; expires=Thu, 30 Sep 2021 00:41:08 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c49be189df38b1-VIE
content-encoding
gzip
ixmatch.html
js-sec.indexww.com/um/ Frame 560A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.105 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 10 Sep 2021 00:41:08 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7F9C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.30 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-30.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=8753280251054543738; icu=ChgI_t1aEAoYASABKAEwo9PqiQY4AUABSAEKGAibu10QChgBIAEoATCg0-qJBjgBQAFIARCj0-qJBhgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 11 Sep 2021 00:41:10 GMT
Date
Fri, 10 Sep 2021 00:41:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 982A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
referrer-policy
same-origin
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
68c49be14cc00fa2-VIE
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
async_usersync.html
acdn.adnxs.com/dmp/ Frame 11E8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.30 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-30.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=8753280251054543738; icu=ChgI_t1aEAoYASABKAEwo9PqiQY4AUABSAEKGAibu10QChgBIAEoATCg0-qJBjgBQAFIARCj0-qJBhgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 11 Sep 2021 00:41:10 GMT
Date
Fri, 10 Sep 2021 00:41:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=sovrn&uid=297cb7d52fd12dc67047e5d2
0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=sovrn&uid=297cb7d52fd12dc67047e5d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=sovrn&uid=297cb7d52fd12dc67047e5d2
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=appnexus&uid=8753280251054543738
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=appnexus&uid=8753280251054543738
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b4d2acc2-eb7a-4602-b8fe-a1dd8bdb5d3d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=appnexus&uid=8753280251054543738
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1
  • https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=index_rtb&uid=YTqppCCJJMbXm4CAFDxZgQAA%261139
0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=index_rtb&uid=YTqppCCJJMbXm4CAFDxZgQAA%261139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=index_rtb&uid=YTqppCCJJMbXm4CAFDxZgQAA%261139
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Fri, 10 Sep 2021 00:41:08 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da6a6222a-a3e4-446e-bf5f-3b3a0c811550%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=pubmatic&uid=99B50716-645B-4619-885E-FF6900806EF8
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=pubmatic&uid=99B50716-645B-4619-885E-FF6900806EF8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&D=&bidder=pubmatic&uid=99B50716-645B-4619-885E-FF6900806EF8
date
Fri, 10 Sep 2021 00:41:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
verizon_video
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a6a6222a-a3e4-446e-bf5f-3b3a0c811550
  • https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&verify=true
  • https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a6a6222a-a3e4-446e-bf5f-3b3a0c811550&apid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12
  • https://prebid.a-mo.net/setuid/verizon_video?uid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12&gdpr=0&gdpr_consent=
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/verizon_video?uid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://prebid.a-mo.net/setuid/verizon_video?uid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
1
serving.stat-rock.com/v1/log/js/ 		35 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1631234467255.3286&type=VIEWED_0&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&typeA=PRE&contentTypeA=VIDEO&u=https%3A%2F%2Fask.fm%2Fspadebook33&t=858&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.37007452032857047
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:08 GMT
srvf
95.217.114.174
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
dc_oe=ChMIrbTj95Xz8gIVS4JRCh1eAw4PEAAYACCA9OpAQhMIjaDM95Xz8gIVD2MbCh0DBQbo;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIrbTj95Xz8gIVS4JRCh1eAw4PEAAYACCA9OpAQhMIjaDM95Xz8gIVD2MbCh0DBQbo;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.75.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 0FE6 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1415
date
Fri, 10 Sep 2021 00:17:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 02:17:33 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame 4079 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c36bd2f4afb43865bb873b30ed3b159548b48ae96f577726fc76a94f624283a5

Request headers

:method
GET
:authority
cdn01.nativeroll.tv
:scheme
https
:path
/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://moevideo.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:08 GMT
content-type
text/html; charset=utf-8
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
vary
Accept-Encoding
etag
W/"613781fc-1b73"
cache
HIT
x-cached-since
2021-09-07T15:37:13+00:00
x-id
tp-up-gc11
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:08 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://moevideo.biz
x-id
tp-up-gc13
hosts.json
cdn02.nativeroll.tv/player/ Frame 0FE6 		301 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c

Request headers

cache-control
no-cache
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
tp-up-gc12
date
Fri, 10 Sep 2021 00:41:08 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:02:35 GMT
server
nginx
etag
W/"6037bc0b-12d"
x-cached-since
2021-09-06T19:41:19+00:00
content-type
application/json
access-control-allow-origin
https://moevideo.biz
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
286714873
www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/ Frame 0FE6
Redirect Chain
  • https://www.tns-counter.ru/V13a****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/286714873
  • https://www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/286714873
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/286714873
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software
ms-counter-3.2.9/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.9/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
server
ms-counter-3.2.9/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/286714873
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
vkAuth.html
ad.mail.ru/dist/ Frame 6723 		523 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/58/6E98B6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Host
ad.mail.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:08 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
523
Connection
keep-alive
Expires
Fri, 10 Sep 2021 00:51:08 GMT
Cache-Control
max-age=600
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ Frame 87C7 		83 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1631234468158&q=199847&vk=0&_=885773115
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/58/6E98B6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
2fc0743b79d614f1feb1930e0926dcef3cab9fbb094969875b576aaa5f5d19b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=BgKKYfpisL2DMd60%2Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
async_usersync
ib.adnxs.com/ Frame 11E8 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a8769734-9091-4fee-a0a0-15f132bb0139
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7F9C 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
084e3833-6c43-4f55-aaa0-2ee05785e218
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B96B 		0
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.105 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YTqppCCJJMbXm4CAFDxZgQAA; CMPS=5225
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Accept-Ranges
bytes
Content-Length
0
Content-Type
text/html
ETag
"0"
Last-Modified
Fri, 18 Sep 2020 03:08:00 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 10 Sep 2021 00:41:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Connection
keep-alive
Set-Cookie
CMID=YTqppCCJJMbXm4CAFDxZgQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 10 Sep 2022 00:41:08 GMT CMPS=5225;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Dec 2021 00:41:08 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Dec 2021 00:41:08 GMT
cors
data.ad-score.com/data/ Frame 163E 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=RSQGGJYfEXmupzWoXrNmEpEveIZlFxPQ-FE7fPshldVrqKDwc0HLJEULAPg==-E0zCPc9laVXmNg==&pm_ct=2448487b1d18d01420f59fef&pm_pl=1631234465576&pm_td=2675&pid=1000791&en=1.1&callback=__pm_glbl_1APuPk7JtD4qMlOwJOnEbDbV._gc7&tt=g&v=01ec985
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Fri, 10 Sep 2021 00:41:08 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
openapi.js
vk.com/js/api/ Frame 6723 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.139.194 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
content-encoding
br
x-frontend
front623306
last-modified
Tue, 15 Jun 2021 09:11:55 GMT
server
kittenx
etag
"60c86edb-5802"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22530
expires
Tue, 14 Sep 2021 00:41:08 GMT
setuid
sync.quantumdex.io/ Frame 6CE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8753280251054543738
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8753280251054543738
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49be2fb8338b1-VIE
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d700f5a7-5e2a-40f6-bce7-6fc121fcbc0f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8753280251054543738
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 6CE5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0H5o2cRE2uGzG2BccUykFrkH.qalm1FgjnRsKsQ-~A
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0H5o2cRE2uGzG2BccUykFrkH.qalm1FgjnRsKsQ-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49be2eb7b38b1-VIE
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-0H5o2cRE2uGzG2BccUykFrkH.qalm1FgjnRsKsQ-~A
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 6CE5
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.34.105 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:06 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Fri, 10 Sep 2021 00:41:06 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 6CE5
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=297cb7d52fd12dc67047e5d2
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=297cb7d52fd12dc67047e5d2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49be30ba238b1-VIE
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=297cb7d52fd12dc67047e5d2
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 6CE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8753280251054543738
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8753280251054543738
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49be30b9738b1-VIE
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6ec2c4e7-6365-4e16-97ed-114892194fbf
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8753280251054543738
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
no-consent
sync.1rx.io/usersync3/centro/2064/ Frame 6CE5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2064%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=6828565610
  • https://sync.1rx.io/usersync3/centro/2064/no-consent?zcc=0&sspret=1&rndcb=6828565610
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/centro/2064/no-consent?zcc=0&sspret=1&rndcb=6828565610
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:07 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.1rx.io/usersync3/centro/2064/no-consent?zcc=0&sspret=1&rndcb=6828565610
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
sync.quantumdex.io/ Frame 6CE5
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bdc8e699-b85d-486f-950d-7f4481626ba5
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bdc8e699-b85d-486f-950d-7f4481626ba5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49be44c9f38b1-VIE
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bdc8e699-b85d-486f-950d-7f4481626ba5
date
Fri, 10 Sep 2021 00:41:08 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 6CE5
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=e9b526ba-502f-42dd-9355-5fa240cfde87
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=e9b526ba-502f-42dd-9355-5fa240cfde87
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49be3fc6338b1-VIE
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=e9b526ba-502f-42dd-9355-5fa240cfde87
date
Fri, 10 Sep 2021 00:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49be30b9b38b1-VIE
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
us
sync.go.sonobi.com/ Frame 6CE5 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 6CE5
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49be30ba338b1-VIE
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPc9a4413e-11cf-11ec-ae6d-06efd8582e12
Connection
keep-alive
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame DACF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.105 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
6aaf35342ce4cbca7759ea96905ce35914f2a816a214942e58e1c16f22548dc9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YTqppCCJJMbXm4CAFDxZgQAA; CMPS=5225; CMPRO=1139; CMST=YTqppGE6qaQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|13|88|3|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1990
Expires
Fri, 10 Sep 2021 00:41:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Connection
keep-alive
Set-Cookie
CMID=YTqppCCJJMbXm4CAFDxZgQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 10 Sep 2022 00:41:08 GMT CMPS=5225;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Dec 2021 00:41:08 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Dec 2021 00:41:08 GMT CMRUM3=e6613aa9a42760&58613aa9a405a0&03613aa9a405a0&0d613aa9a405a0&c3613aa9a405a00&27613aa9a40b40&2d613aa9a405a0&f1613aa9a405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 10 Sep 2022 00:41:08 GMT
/
onetag-sys.com/usync/ Frame 618F 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DF64 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; KRTBCOOKIE_57=22776-8753280251054543738; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&16514-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&23025-CAESENTIr-0_0qIBssK1GrxVwuA; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_409=22966-mP6c8yWZTjRovg8LPKj3XdLp; KRTBCOOKIE_153=19420-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR&KRTB&22979-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR; KRTBCOOKIE_1101=23040-7006098674996082839; KRTBCOOKIE_22=14911-8632571902530157938; KRTBCOOKIE_377=6810-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&22918-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&23031-be919faa-1a75-4dee-97fe-3f0e168429c9; KRTBCOOKIE_27=16735-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&16736-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23019-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23114-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2; SPugT=1631234463; KRTBCOOKIE_391=22924-5802539667209419446&KRTB&23263-5802539667209419446; KRTBCOOKIE_466=16530-fdbbf0d3-14c9-4e18-beb2-1f263514daae; KRTBCOOKIE_336=5844-9109962894328357128; KRTBCOOKIE_594=17105-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&KRTB&17107-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003; KRTBCOOKIE_218=22978-YTqpoAAAVIlJPAAT&KRTB&23194-YTqpoAAAVIlJPAAT&KRTB&23209-YTqpoAAAVIlJPAAT&KRTB&23244-YTqpoAAAVIlJPAAT; KRTBCOOKIE_1074=22956-e_41fcf18c-4708-488e-894a-d8c42b5365c8; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1632441600%3A226_227_201_197_219_221%7C1633824000%3A232%7C1631318400%3A174; SyncRTB3=1631836800%3A2_223_15%7C1636416000%3A69%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1632441600%3A166_233_99_8_165_81_3_7_176_104_234_56_88_13_57_21_222_22_220_71_54_204_189_231_161_55_230_5; KRTBCOOKIE_107=1471-uid:kVIHXRy11MouBk5; PugT=1631234467; KRTBCOOKIE_860=16335-VcaibnwWRb5BtkCfnIBbYMIkbBM; KRTBCOOKIE_279=22890-c966c27b-11cf-11ec-a9a1-2972a6622f69&KRTB&23011-c966c27b-11cf-11ec-a9a1-2972a6622f69
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=22100
expires
Fri, 10 Sep 2021 06:49:28 GMT
date
Fri, 10 Sep 2021 00:41:08 GMT
vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame 4805 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YTqpp; path=/; domain=.go.sonobi.com
t
t.lkqd.net/ Frame E688 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame E688 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
PugMaster
image6.pubmatic.com/AdServer/ Frame DF64 		182 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36675891&p=156498&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8189270dac88cee8f85402a7cf917080e204c3dfe6131309c0c389d676113f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=UTF-8
5a422ce95f366efa348b462b
statsb.nativeroll.tv/nr/aserver/group/ Frame 0FE6 		67 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5a422ce95f366efa348b462b?event=visit&gid=5a422ce95f366efa348b462b&v=1.18.18&url=https%3A%2F%2Fask.fm%2F&title=&ref=https%3A%2F%2Fask.fm%2F&block_enabled=0&width=432&height=243&offset_px=0&offset_pct=0&lenght_px=243&cookie_enabled=1&t=2021-09-10T00%3A41%3A08&mode=vpaid&data_saver=false&sc=2453591051&nr_f=MTYzMTIzNDQ2ODI5MA%3D%3D&ancestor_origins=https%3A%2F%2Fmoevideo.biz%2Chttps%3A%2F%2Fask.fm&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=c866a0af-55fb-496a-80d8-bf1d2fc68800
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
Content-Length
67
casale
match.adsrvr.org/track/cmf/ Frame DACF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame DACF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTqppCCJJMbXm4CAFDxZgQAABHMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENsUePAmxf_dQsWXzVyWoQM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENsUePAmxf_dQsWXzVyWoQM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.105 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 10 Sep 2021 00:41:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENsUePAmxf_dQsWXzVyWoQM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DACF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YTqppCCJJMbXm4CAFDxZgQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDD503J4aRt0s_LfmkD_56o&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDD503J4aRt0s_LfmkD_56o&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.105 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Sep 2021 00:41:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDD503J4aRt0s_LfmkD_56o&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DACF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTqppCCJJMbXm4CAFDxZgQAABHMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTqppCCJJMbXm4CAFDxZgQAABHMAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTqppCCJJMbXm4CAFDxZgQAABHMAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XBMQ2MVX7KDXECP7KSJT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TKG5FFVM9JEPM3YJBA6Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTqppCCJJMbXm4CAFDxZgQAABHMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DACF
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06b12204009801a24eefb82b&expiration=[EXPIRATION]&gdpr=1
43 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06b12204009801a24eefb82b&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.105 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Sep 2021 00:41:08 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06b12204009801a24eefb82b&expiration=[EXPIRATION]&gdpr=1
Date
Fri, 10 Sep 2021 00:41:08 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame DACF 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:08 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1631234469.588881,VS0,VE80
x-served-by
cache-cdg20732-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame DACF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3a1613a-a9a0-4400-901c-beee312d150c&gdpr=1&gdpr_consent=
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3a1613a-a9a0-4400-901c-beee312d150c&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.105 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Sep 2021 00:41:08 GMT

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x8 config:1.0.1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c3a1613a-a9a0-4400-901c-beee312d150c&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 10 Sep 2021 00:41:07 GMT
crum
dsum-sec.casalemedia.com/ Frame DACF
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4dce8498-e7bc-48bf-8eb4-e2a4299dd55f
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4dce8498-e7bc-48bf-8eb4-e2a4299dd55f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.105 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Sep 2021 00:41:08 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4dce8498-e7bc-48bf-8eb4-e2a4299dd55f
date
Fri, 10 Sep 2021 00:41:08 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame DACF 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YTqppCCJJMbXm4CAFDxZgQAABHMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
68c49be4ace238b1-VIE
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
/
login.vk.com/ Frame 6723 		27 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.135 -, , ASN (),
Reverse DNS
Software
kittenx / KPHP/7.4.108528
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
content-encoding
gzip
server
kittenx
x-powered-by
KPHP/7.4.108528
strict-transport-security
max-age=15768000
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=windows-1251
content-length
41
setuid
sync.quantumdex.io/ Frame 6655 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=99B50716-645B-4619-885E-FF6900806EF8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/setuid?bidder=pubmatic&uid=99B50716-645B-4619-885E-FF6900806EF8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
uid=826d07eb-0cf2-4cbb-83e4-4066639efae4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 10 Sep 2021 00:41:08 GMT
content-type
image/gif
content-length
43
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c49be4bce738b1-VIE
p
a.audrte.com/ Frame DF64
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=99B50716-645B-4619-885E-FF6900806EF8
  • https://a.audrte.com/p
68 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.248.174 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 10 Sep 2021 00:41:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
5a422ce95f366efa348b462b.jsonp
statsb.nativeroll.tv/nr/aserver/group/ Frame D60E 		0
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5a422ce95f366efa348b462b.jsonp?event=impression&v=1.18.18&gid=5a422ce95f366efa348b462b&url=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DBgKKYfpisL2DMd60%252Brsy9hRFCVVeHrUxvTQR747gOTh62fsQrHV4Nibe3I84mXOk%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fspadebook33%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1707&title=&cookie_enabled=1&block_enabled=0&ref=https%3A%2F%2Fask.fm%2F&width=432&offset_px=0&offset_pct=0&lenght_px=243&nr_f=MTYzMTIzNDQ2ODgzMA%3D%3D&plays360=true&plays_inline=true&rsn=255
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *
ad
v.lkqd.net/ Frame CE53 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=1437163&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
6918a34111d8ca8bdaf81622365acc974a135854e0f7c0ec34b466965e9fc7ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1353
935975
ad.mail.ru/vast/ Frame 87C7 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/935975?rand=5584532&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
935975
ad.mail.ru/vast/ Frame 87C7 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/935975?rand=2793442&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
197143
ad.mail.ru/vast/ Frame 87C7 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/197143?pr=549390&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame 87C7 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=9120579&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame 87C7 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=92129&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
942495
ad.mail.ru/vast/ Frame 87C7 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/942495?rand=3888840&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
vpaid.js
ad.lkqd.net/vpaid/ Frame 6713 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631234469.cds017.fr8.hn,1631234469.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
async_usersync
ib.adnxs.com/ Frame 11E8 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:09 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
257d1923-fd7a-4238-9b94-d271d7d35ab7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7F9C 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:09 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
12932dc5-bbb5-4377-836c-bf3cd6c2350f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 997B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631234469.cds017.fr8.hn,1631234469.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=1437163&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:09 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 6713 		64 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=1437163&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a7e89e33d938547b4916b1d946d9ef7ea3c6861f796941c7e764cd2fe9ab3543

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4380
942495
ad.mail.ru/vast/ Frame 87C7 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/942495?rand=3706853&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
726513
ad.mail.ru/vast/ Frame 87C7 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/726513
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
get
pub-eu.p.otm-r.com/ Frame 87C7 		65 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pub-eu.p.otm-r.com/get?placement_id=58b41eb87a379fc852fa4496&when=pre&stream=instream&domain=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.72.5 -, , ASN (),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:09 GMT
server
nginx/1.17.0
vary
Origin
content-type
text/xml
access-control-allow-origin
https://moevideo.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
65
expires
0
t
t.lkqd.net/ Frame C0B3 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
cs
cs.lkqd.net/ Frame 997B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 997B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 997B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 997B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 997B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
pragma
no-cache
date
Fri, 10 Sep 2021 00:41:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
av
vidoomy-d.openx.net/v/1.0/ 		48 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=793525786&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8163172999418567477410454243,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
218945
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=768892241&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8163172999418567477443986195%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000252
X-SpotX-Timing-SpotMarket
0.009348
X-SpotX-Timing-Page-Mux
0.000944
X-SpotX-Timing-Page-Require
0.000289
X-fe
143
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
Content-Length
77
X-SpotX-Timing-Page
0.013464
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000244
Last-Modified
Fri, 10 Sep 2021 00:41:09 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009348
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.002358
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000007
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Fspadebook33&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1801287469&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi....
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1801287469&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.heig...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1801287469&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=9362bc9e-7bda-42c6-9daf-a2697f012683&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ2OTcyNS4zMjM0ODY6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjpyZXF1ZXN0X2lkPTkzNjJiYzllLTdiZGEtNDJjNi05ZGFmLWEyNjk3ZjAxMjY4Mw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.203.132 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1801287469&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=9362bc9e-7bda-42c6-9daf-a2697f012683&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ2OTcyNS4zMjM0ODY6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjpyZXF1ZXN0X2lkPTkzNjJiYzllLTdiZGEtNDJjNi05ZGFmLWEyNjk3ZjAxMjY4Mw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=989101710&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.h...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=989101710&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.heigh...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=989101710&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=29befbcd-9ffb-46fd-892c-00117adc4bf1&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ2OTcyNC4wOTM5OTQ6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjpyZXF1ZXN0X2lkPTI5YmVmYmNkLTlmZmItNDZmZC04OTJjLTAwMTE3YWRjNGJmMQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.203.132 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=989101710&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=29befbcd-9ffb-46fd-892c-00117adc4bf1&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ2OTcyNC4wOTM5OTQ6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjpyZXF1ZXN0X2lkPTI5YmVmYmNkLTlmZmItNDZmZC04OTJjLTAwMTE3YWRjNGJmMQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=2132474692&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi....
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=2132474692&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.heig...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=2132474692&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=fe0195dd-cd53-488a-91d0-193c01b49337&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ2OTcyNC44ODE1OTI6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjpyZXF1ZXN0X2lkPWZlMDE5NWRkLWNkNTMtNDg4YS05MWQwLTE5M2MwMWI0OTMzNw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.203.132 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=2132474692&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=fe0195dd-cd53-488a-91d0-193c01b49337&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ2OTcyNC44ODE1OTI6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjpyZXF1ZXN0X2lkPWZlMDE5NWRkLWNkNTMtNDg4YS05MWQwLTE5M2MwMWI0OTMzNw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=2011677084&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.69.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-69-184.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
410bab830d27671f97b2c3939d8839d9c8dab63b0dcb1852b3edf5ee5cd7e7b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
908
expires
0
/
pl.viadata.store/export/102415/ Frame 57AE 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pl.viadata.store/export/102415/?secured=1&language=en&page_url=https%3A%2F%2Fask.fm%2Fspadebook33&pub_sid=102415&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=ask.fm&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=464332&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=2&cb=1631234469820
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
0d8bd083c78dd4bc0b74bf2e8e565ab52db09732f087ad3e902009ef70758932

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
br
server
nginx/1.19.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
access-control-allow-headers
sentry-trace
bid
clientside-video-bidder.rutarget.ru/ Frame 57AE 		27 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Fask.fm%2Fspadebook33&request_id=1234469893&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.152 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr7.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
Content-Type
text/xml
Access-Control-Allow-Origin
https://ask.fm
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
cs
rtb-msk-2.viadata.store/vast/ Frame 57AE 		71 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-msk-2.viadata.store/vast/cs?zone=102415&w=432&h=243&site=https%3A%2F%2Fask.fm%2Fspadebook33&vp=2&cbb=1234469894
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 57AE 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222536&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=1234469895&tail256=https%3A%2F%2Fask.fm%2F
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.39 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
ae3307d05ab3e5c511ac849c889f76bcd3aa2f5d23d499c9f98b075b0e424750

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:09 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://ask.fm
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.viralize.tv/vast/ Frame 57AE 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=ask.fm&cbb=1234469896
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
7e07453741eb445ade5cfacd24d3c6f1985cf0f014e7dd481a2db3d66ef395b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:09 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
vast
moevideo.biz/ Frame 57AE 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/vast?ref=viads-ask.fm&impressionAfterPaid=1&es=1&vl=1&mvis=1&referrer=https%3A%2F%2Fask.fm%2Fspadebook33&cbb=1234469896
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
aecc32831feccf99a25694c1fb07198dfee0bd55a0eaaa08f8793fc8bc65a2a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:09 GMT
Content-Encoding
gzip
X-Mv-Embed-Version
1373
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.084
Pragma
no-cache
Last-Modified
Fri, 10 Sep 2021 00:41:09 GMT
Server
nginx
X-My-Name
s43
Access-Control-Allow-Methods
GET, POST
Content-Type
application/xml
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
X-Mv-TryCache
0
X-My-App-Time
0.001
Access-Control-Allow-Headers
Content-Type, Accept
Expires
Thu, 19 Feb 1998 13:24:18 GMT
viads-vast
adx.com.ru/ Frame 57AE 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fask.fm%2Fspadebook33&uid=c2acdbca-6d63-4dcc-bef8-e53f751fb959&cbb=1234469896
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.34.131.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.130.131.34.188.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:09 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
server
nginx/1.18.0
p3p
CP="adx.com.ru does not have a P3P policy"
ad_request
ads.aralego.com/ Frame 57AE 		0
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=ask.fm&ver=UCX_WEB-20200113&adid=ad-8A29B9A43D442E8EFEE379B36E7ED89&atype=2&u=https%3A%2F%2Fask.fm%2Fspadebook33&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=1234469897
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:10 GMT
X-Width
432
X-Height
243
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://ask.fm
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-SspId
7afd20c3-6271-3fa3-98ec-404850351129
Connection
close
X-Adtype
vast
dsp
logs.viadata.store/event/ Frame 57AE 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1631234469897&tids=2107,2110,2106,2552,4760,2111,2555,2109,7323,7378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 00:41:09 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
48953915
mc.yandex.com/webvisor/ 		43 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=511849672&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&rn=881636499&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631234470%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010004109%3Au%3A1631234463427757091%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631234470
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:09 GMT
last-modified
Fri, 10-Sep-2021 00:41:09 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:09 GMT
viralize_vpaid.min.9026482f.js
static.viralize.tv/ Frame 1A6E 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10d306265feb9fd46afe61797ff3eb234550e49d93624d80212d4761296ce1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
br
cf-cache-status
HIT
age
42106
x-guploader-uploadid
ADPycds_kHIqwdOjqEwZ4rIFoG7EeJVo3htiCnEgUUJUqhz2aYxFa0TOR1ob0hufW2fJdC9O2EWZNgLP9T7TLM-b
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 09 Sep 2021 12:54:55 GMT
server
cloudflare
etag
W/"9026482feeb11a8d20ff2d42d0817333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=rErZ1Q==, md5=kCZIL+6xGo0g/y1C0IFzMw==
x-goog-generation
1631192095681511
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
62513
cf-ray
68c49bef7b1238b0-VIE
expires
Sun, 10 Oct 2021 00:41:10 GMT
vpaid.min.js
moevideo.biz/embed/player/1707/vpaid/ Frame 3543 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx /
Resource Hash
3c50e9629fa1a0f26d8a6a017db615c5fc46af69bf4f2e28f6f5e6b05336289e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:10 GMT
Last-Modified
Mon, 30 Aug 2021 11:41:37 GMT
Server
nginx
X-My-Name
s37
ETag
"612cc3f1-1c64"
Content-Type
application/javascript
Content-Length
7268
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.096
truncated
/ 		626 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
context.js
an.yandex.ru/system/ 		287 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
2bbcb59250b9114b48d664d571935ef205017ddb8860f740623aa4099750f46e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
1912756970
x-yandex-req-id
1631234470345474-1240468467014165224700281-production-app-host-man-pcode-127
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 10 Sep 2021 01:41:10 GMT
/
ads.viralize.tv/player/ Frame 1A6E 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1234469896&sid=01ec11cfcabeaa3260762747814e5491&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bcd269e918cf6853531fb407c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1244%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ask.fm&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
1ff5975e299124ad627f8d1237a082a8ef293f752ca9e10414c225a5e79bf974

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame CC29 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
1497
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame CC29 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 09:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34056
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 09:35:52 GMT
polyfill.min.js
polyfill.io/v3/ Frame CC29 		101 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1616481
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Sun, 22 Aug 2021 00:24:10 GMT
date
Fri, 10 Sep 2021 00:41:10 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CC29 		346 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe08c3a5fd2d4a0c5a4f33864bbb3bddc095f87d1aba54a588163f3370b33ff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121963
x-xss-protection
0
expires
Fri, 10 Sep 2021 00:41:10 GMT
viralize_player.min.b9da9260.js
static.viralize.tv/ Frame CC29 		732 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.viralize.tv/viralize_player.min.b9da9260.js?e=ops
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d4c25c29aa07240210f0578e668297b07d637e6bfc3639e936efbbb371f23c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
br
cf-cache-status
HIT
age
309755
x-guploader-uploadid
ADPycdt_ASeU9Stb2C6TXbuOTHTTgLT53qMzAiHgUHfIbzRY9FiFDzqWtb1nyBAiRB69iCjEGdop1fwTZPFFmlu-kk4
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 06 Sep 2021 10:34:14 GMT
server
cloudflare
etag
W/"b9da9260e532ebe8904933e626177f7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=pH/jzg==, md5=udqSYOUy6+iQSTPmJhd/eg==
x-goog-generation
1630924454229137
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=2592000
x-goog-stored-content-length
750059
cf-ray
68c49befbb3e38b0-VIE
expires
Sun, 10 Oct 2021 00:41:10 GMT
vpaid
moevideo.biz/embed/ Frame FE41 		31 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/vpaid/vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
0b6672ab255a1e67f848020a163d8df7100d2b4893a454bb2e8a7186b1548151

Request headers

Host
moevideo.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
mvuid=186662e8883042b41dc9; mvsid=09cb98f4-8b75-4da8-9ce4-569945c2eec1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:10 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.38
X-My-Adv-Time
0.00266885757446
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Fri, 10 Sep 2021 00:41:10 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.016
X-Mv-Embed-Version
1373
X-My-Name
s53
X-My-Reqtime
0.111
Content-Encoding
gzip
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:10 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:10 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame C0B3 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame C0B3 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
advast
ice.360yield.com/ Frame CC29 		27 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22424681&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fask.fm&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.92.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-92-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:10 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfcabeaa3260762747814e5491&item=YWRuXzU4ODWl2fkMABKEIg%3D%3D.1.wp1sc1
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
polyfill.min.js
polyfill.io/v3/ Frame CC29 		101 B
131 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: ask.fm
URL: https://ask.fm/spadebook33
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1616481
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Sun, 22 Aug 2021 00:24:10 GMT
date
Fri, 10 Sep 2021 00:41:10 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
styles.css
moevideo.biz/embed/player/1707/skins/gray/ Frame FE41 		54 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Aug 2021 11:40:34 GMT
Server
nginx
X-My-Name
s13
ETag
W/"612cc3b2-d99f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
0.079
mvplayer.min.js
moevideo.biz/embed/player/1707/ Frame FE41 		580 KB
580 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1707/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f12.moevideo.net
Software
nginx /
Resource Hash
bd204debaaee1468075efbf39237f0e7e60da7ae5c1130a0eace92b59f578585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:10 GMT
Last-Modified
Mon, 30 Aug 2021 11:41:48 GMT
Server
nginx
X-My-Name
s51
ETag
"612cc3fc-90ecf"
Content-Type
application/javascript
Content-Length
593615
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.095
/
s.richaudience.com/vid/MP_Ua8BIWjxkR/1631234470/ Frame CC29 		160 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/vid/MP_Ua8BIWjxkR/1631234470/?hasConsent=1&consentString=&mref=https%3A%2F%2Fask.fm&fp=130
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-max-age
86400
access-control-allow-credentials
true
/
ads.viralize.tv/t-bid-opportunity/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfcabeaa3260762747814e5491&item=YWRuXzU0MDa7VgRR7a8xUg%3D%3D.2.wp2sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
280214
search.spotxchange.com/vast/2.0/ Frame CC29 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/280214?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm&cb=1631234470&player_width=432&player_height=243&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000381
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000019
X-SpotX-Timing-Page
0.009681
Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:10 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Exception
0.000013
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005135
X-SpotX-Timing-Transform
0.000231
X-SpotX-Timing-SpotMarket
0.005135
X-fe
088
X-SpotX-Timing-Page-Misc
0.003387
Content-Length
77
X-SpotX-Timing-Page-Context
0.000298
Last-Modified
Fri, 10 Sep 2021 00:41:10 GMT
Server
nginx
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-Message
The referer 'ask.fm' is blacklisted.
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000208
/
ads.viralize.tv/t-bid-opportunity/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfcabeaa3260762747814e5491&item=YWRuXzQ2MjEalpzxTDwl2A%3D%3D.3.wp3sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame CC29 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfcabeaa3260762747814e5491%3A0%3AYWRuXzU4ODWl2fkMABKEIg%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU4ODWl2fkMABKEIg%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfcabeaa3260762747814e5491%3A0%3AYWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CC29 		67 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12944561&domain=ask.fm&loc=ask.fm&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.113.157 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-113-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:11 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1631234470437046-521
Expires
Fri, 10 Sep 2021 00:41:11 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfcabeaa3260762747814e5491&item=YWRuXzU5ODXI591N_k4AOw%3D%3D.4.wp4sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame CC29 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfcabeaa3260762747814e5491%3A0%3AYWRuXzQ2MjEalpzxTDwl2A%3D%3D~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ2MjEalpzxTDwl2A%3D%3D~wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:10 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
truncated
/ 		901 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6243d76b5b5b75e0fdec055242a5c57611b00947964c66c498e90dedb47fbdba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ac
www8.smartadserver.com/ Frame CC29 		129 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=115779&pgid=1188694&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1631234470&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:10 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
/
ads.viralize.tv/t-bid-opportunity/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfcabeaa3260762747814e5491&item=YWRuXzQ0Mzkws_GtCGvh0A%3D%3D.5.wp5sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
pixel.gif
px.moatads.com/ Frame 163E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-SRU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631234465813&de=65749779014&cu=1631234465813&m=5249&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A331%3A331%3A1025%3A121&aa=1&ad=5109&cn=1008&gn=1&gk=5109&gl=1008&ik=5109&ic=5109&ez=1&co=1008&cp=907&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5041&cd=907&ah=5041&am=907&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=152991%3A17602%3A5602466%3A3529837&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=1748224596&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.150.58 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-150-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 00:41:11 GMT
/
ads.viralize.tv/track/ Frame CC29 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfcabeaa3260762747814e5491%3A0%3AYWRuXzU5ODXI591N_k4AOw%3D%3D~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5ODXI591N_k4AOw%3D%3D~wp4sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
shim.gif
creatives.sascdn.com/ Frame CC29 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:d9::58dd:305b London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:11 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
Apache
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 10 Sep 2022 00:41:11 GMT
/
ads.viralize.tv/d-vast/ Frame CC29 		71 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/d-vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1234469896&sid=01ec11cfcabeaa3260762747814e5491&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%22017bcd269e918cf6853531fb407c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1244%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&dd=ask.fm&sc=1&gdpr=1&cmp=unavailable&wfp=6&rcx=460.a05dc8e3.1.12
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
ptv
secure.adnxs.com/ Frame CC29 		27 B
850 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=19417490&vplaybackmethod=2&referrer=ask.fm&gdpr=1&gdpr_consent=&cb=1631234470
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:11 GMT
X-Proxy-Origin
194.36.108.19; 194.36.108.19; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4158df92-b1bf-4049-aa1b-61aceb432dea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfcabeaa3260762747814e5491&item=YWRuXzQ5OTY7qXte0KBA8w%3D%3D.7.wp7sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
av
viralize-d.openx.net/v/1.0/ Frame CC29 		48 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viralize-d.openx.net/v/1.0/av?auid=541171644&url=ask.fm&cb=1631234470&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfcabeaa3260762747814e5491&item=YWRuXzQ2ODN6L1-oryRKhQ%3D%3D.8.wp8sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/track/ Frame CC29 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfcabeaa3260762747814e5491%3A0%3AYWRuXzQ0Mzkws_GtCGvh0A%3D%3D~wp5sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ0Mzkws_GtCGvh0A%3D%3D~wp5sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfcabeaa3260762747814e5491%3A0%3AYWRuXzQ5OTY7qXte0KBA8w%3D%3D~wp7sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ5OTY7qXte0KBA8w%3D%3D~wp7sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
/
adx.adform.net/adx/ Frame CC29 		65 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=822824&t=2&url=https%3A%2F%2Fask.fm&gdpr=1&gdpr_consent=&w=432&h=243&t=1&random=1631234470
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
ads.viralize.tv/t-bid-opportunity/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfcabeaa3260762747814e5491&item=YWRuXzUyMjLTETLd7KifhA%3D%3D.9.wp9sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
ad
v.lkqd.net/ Frame CE53 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=67466524&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
7dce3ebdd112291129e425446ca24dab27f326d1dd47d25f33fb88b7b874413f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1353
storage.html
moe.video/ Frame 0BDF 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.12 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f41.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:42:50 GMT
ETag
W/"612cc43a-4783"
X-My-Name
s13
X-My-Reqtime
0.087
X-B-Name
f41
Content-Encoding
gzip
truncated
/ Frame FE41 		313 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
ads.viralize.tv/track/ Frame CC29 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfcabeaa3260762747814e5491%3A0%3AYWRuXzQ2ODN6L1-oryRKhQ%3D%3D~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ2ODN6L1-oryRKhQ%3D%3D~wp8sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame CC29 		965 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234470
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
02c2e914e29e6301e6b90a583e2050106f1154732cb6245cb2faa966e4e04f7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b82218517c94"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
596
expires
Fri, 10 Sep 2021 00:41:11 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ec11cfcabeaa3260762747814e5491&item=YWRuXzQ3MzHWonrNMPHyzQ%3D%3D.10.wp10sc1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
ads.viralize.tv/t-bid-done/ Frame CC29 		0
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzQ3MzHWonrNMPHyzQ%3D%3D&sc=wp10sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ec11cfcabeaa3260762747814e5491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 86A3 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234470
Requested by
Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.b9da9260.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
pixel.gif
px.moatads.com/ Frame 163E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=1058780619&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-SRU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fask.fm%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fask.fm&lp=https%3A%2F%2Fask.fm&t=1631234465813&de=65749779014&cu=1631234465813&m=5459&ar=503c7d4-clean&iw=85d6c64&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A331%3A331%3A1025%3A121&aa=1&ad=5319&cn=5109&gn=1&gk=5319&gl=5109&ik=5319&ic=5319&ez=1&co=1008&cp=907&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5241&cd=5041&ah=5241&am=5041&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=152991%3A17602%3A5602466%3A3529837&bo=ask.fm&bd=ask.fm&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194337&na=1705844535&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.150.58 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-150-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 10 Sep 2021 00:41:11 GMT
/
ads.viralize.tv/track/ Frame CC29 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ec11cfcabeaa3260762747814e5491%3A0%3AYWRuXzUyMjLTETLd7KifhA%3D%3D~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyMjLTETLd7KifhA%3D%3D~wp9sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ec11cfcabeaa3260762747814e5491%3A0%3AYWRuXzQ3MzHWonrNMPHyzQ%3D%3D~wp10sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5B69 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234470
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=99B50716-645B-4619-885E-FF6900806EF8; KRTBCOOKIE_57=22776-8753280251054543738; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&16514-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&23025-CAESENTIr-0_0qIBssK1GrxVwuA; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_409=22966-mP6c8yWZTjRovg8LPKj3XdLp; KRTBCOOKIE_153=19420-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR&KRTB&22979-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR; KRTBCOOKIE_1101=23040-7006098674996082839; KRTBCOOKIE_22=14911-8632571902530157938; KRTBCOOKIE_377=6810-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&22918-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&23031-be919faa-1a75-4dee-97fe-3f0e168429c9; KRTBCOOKIE_27=16735-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&16736-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23019-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23114-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2; SPugT=1631234463; KRTBCOOKIE_391=22924-5802539667209419446&KRTB&23263-5802539667209419446; KRTBCOOKIE_466=16530-fdbbf0d3-14c9-4e18-beb2-1f263514daae; KRTBCOOKIE_336=5844-9109962894328357128; KRTBCOOKIE_594=17105-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&KRTB&17107-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003; KRTBCOOKIE_218=22978-YTqpoAAAVIlJPAAT&KRTB&23194-YTqpoAAAVIlJPAAT&KRTB&23209-YTqpoAAAVIlJPAAT&KRTB&23244-YTqpoAAAVIlJPAAT; KRTBCOOKIE_1074=22956-e_41fcf18c-4708-488e-894a-d8c42b5365c8; pp=156498; PMDTSHR=cat:; SyncRTB3=1631836800%3A2_223_15%7C1636416000%3A69%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1632441600%3A166_233_99_8_165_81_3_7_176_104_234_56_88_13_57_21_222_22_220_71_54_204_189_231_161_55_230_5; KRTBCOOKIE_107=1471-uid:kVIHXRy11MouBk5; PugT=1631234467; KRTBCOOKIE_860=16335-VcaibnwWRb5BtkCfnIBbYMIkbBM; KRTBCOOKIE_279=22890-c966c27b-11cf-11ec-a9a1-2972a6622f69&KRTB&23011-c966c27b-11cf-11ec-a9a1-2972a6622f69; chkChromeAb67Sec=3; DPSync3=1632441600%3A226_227_197_221_235_201_219%7C1633824000%3A232%7C1631318400%3A174; pubsyncexp=1631256068585
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=119646
expires
Sat, 11 Sep 2021 09:55:17 GMT
date
Fri, 10 Sep 2021 00:41:11 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 86A3 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234470
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.149.47 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-149-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=119646
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Sat, 11 Sep 2021 09:55:17 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame A824 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631234471.cds017.fr8.hn,1631234471.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
auction_multi
am-0.moevideo.biz/ssp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:11 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
auction_multi
am-0.moevideo.biz/ssp/ Frame FE41 		2 B
472 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:11 GMT
X-Balancer-Name
f54
Last-Modified
Fri, 10 Sep 2021 00:41:11 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
f54
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
analytics.js
www.google-analytics.com/ Frame FE41 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1418
date
Fri, 10 Sep 2021 00:17:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 02:17:33 GMT
ads-async.js
ad.mail.ru/static/ Frame FE41 		193 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
d0d2b70ff09df898f2652af487149d55391a4088ad738ad9f69286ef5e734811

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:11 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
193
Expires
Fri, 10 Sep 2021 00:51:11 GMT
AdRiverFPS_MV.js
content.adriver.ru/banners/0007207/0007207973/0/ Frame FE41 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=186662e8883042b41dc9
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.96.52 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
last-modified
Fri, 09 Apr 2021 14:49:31 GMT
server
nginx
etag
"6070697b-26a8"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
9896
expires
Fri, 10 Sep 2021 01:41:11 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame A945 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631234471.cds017.fr8.hn,1631234471.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame A824 		51 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=67466524&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e16fa6558d06f4623c16dcf9aac7479d734dad7dee74c657329fb18c52f2a7e3

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4189
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=67466524&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:11 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cs
cs.lkqd.net/ Frame A945 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A945 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A945 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A945 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A945
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
pragma
no-cache
date
Fri, 10 Sep 2021 00:41:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
6E98B6.js
r.mradx.net/img/58/ Frame FE41 		185 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.mradx.net/img/58/6E98B6.js
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:db00::28 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7568bf67bec31079e13d3eea3a735e7cf5179c15d6deb65822ce6c9bd23df350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Jun 2021 07:24:19 GMT
Server
nginx
ETag
W/"60dacaa3-2e478"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 31 Dec 2037 23:55:55 GMT
storage.html
moe.video/ Frame 718F 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.12 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f41.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:42:54 GMT
ETag
W/"612cc43e-4783"
X-My-Name
s29
X-My-Reqtime
0.108
X-B-Name
f41
Content-Encoding
gzip
storage.html
moe.video/ Frame A14D 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.12 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f41.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host
moe.video
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 30 Aug 2021 11:42:50 GMT
ETag
W/"612cc43a-4783"
X-My-Name
s13
X-My-Reqtime
0.096
X-B-Name
f41
Content-Encoding
gzip
389706
ad.mail.ru/vast/ Frame FE41 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=2837109&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:11 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
389706
ad.mail.ru/vast/ Frame FE41 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=8518521&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:11 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
vast
stats.seedr.com/ Frame FE41 		766 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.seedr.com/vast?gid=5a422ce95f366efa348b462b&sc=2453591051&pr=4482718
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.194.45 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host45.seedr.ru
Software
nginx /
Resource Hash
630f7c17bc86a407fcab331f8806df7048506586183ed9fe0ef3dfc3f7cbe9d0

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:11 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
174627
ad.mail.ru/vast/ Frame FE41 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/174627?rand=100959&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:11 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
json.cgi
ad.adriver.ru/cgi-bin/ Frame FE41 		385 B
1023 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=AR7mT70WzjU-6OyxtJVHtbw;302=AR7mT70WzjU-6OyxtJVHtbw;303=unavail;304=AR7mT70WzjU-6OyxtJVHtbw;305=186662e8883042b41dc9;306=;307=;308=0;309=0
Requested by
Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=186662e8883042b41dc9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.39 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
f94fc4df1227df6e8fd8288668327680e80bf6c3b584d439ff6c830ae8d9b61d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:11 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Expires
Thu, 01 Jan 1970 00:00:00 GMT
t
t.lkqd.net/ Frame F0F7 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:11 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:11 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
vkAuth.html
ad.mail.ru/dist/ Frame F3AE 		523 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/58/6E98B6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Host
ad.mail.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://moevideo.biz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 00:41:11 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
523
Connection
keep-alive
Expires
Fri, 10 Sep 2021 00:51:11 GMT
Cache-Control
max-age=600
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ Frame FE41 		83 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1631234471700&q=199847&vk=0&_=75067619
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/58/6E98B6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
52797754e44d0c6c637f4bcda0d29317b777e359a60a8d267903634b0edfb5d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:11 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
nr-vpaid.min.js
cdn01.nativeroll.tv/js/ Frame 2A08 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
61732724ef457a86cb694449dcd434f954d42a2b50d873a96745f1a7ebac7aca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
tp-up-gc11
date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
server
nginx
etag
W/"613781fc-33da"
vary
Accept-Encoding
x-cached-since
2021-09-09T22:42:00+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 07 Sep 2021 18:33:55 GMT
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
av
vidoomy-d.openx.net/v/1.0/ 		48 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1749048210&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C56731186773519014621804113402,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.215.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
OXGW/16.215.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Fspadebook33&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1080011793&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi....
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1080011793&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.heig...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1080011793&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=6e440eea-b8ce-467b-835d-8de80cd678c5&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ3MTc2MC4wNzQ5NTE6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTZlNDQwZWVhLWI4Y2UtNDY3Yi04MzVkLThkZTgwY2Q2NzhjNQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.203.132 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:12 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
1
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1080011793&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=6e440eea-b8ce-467b-835d-8de80cd678c5&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ3MTc2MC4wNzQ5NTE6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTZlNDQwZWVhLWI4Y2UtNDY3Yi04MzVkLThkZTgwY2Q2NzhjNQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1769525303&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi....
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1769525303&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.heig...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1769525303&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=adbe46ab-07a2-41f9-90bd-9d8d07ed1a29&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ3MTc2Mi43NzgwNzY6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWFkYmU0NmFiLTA3YTItNDFmOS05MGJkLTlkOGQwN2VkMWEyOQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.203.132 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:12 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
1
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1769525303&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=adbe46ab-07a2-41f9-90bd-9d8d07ed1a29&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ3MTc2Mi43NzgwNzY6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWFkYmU0NmFiLTA3YTItNDFmOS05MGJkLTlkOGQwN2VkMWEyOQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=151940007&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.h...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=151940007&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.heigh...
249 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=151940007&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d0b0881d-0adf-4e0f-8294-38851883ca93&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ3MTc2MC44NDA4MjA6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWQwYjA4ODFkLTBhZGYtNGUwZi04Mjk0LTM4ODUxODgzY2E5Mw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.203.132 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 10 Sep 2021 00:41:12 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
1
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=151940007&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Fspadebook33&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&a.y_rid=d0b0881d-0adf-4e0f-8294-38851883ca93&a.is_yahoo=3&redirect_y=dHM9MTYzMTIzNDQ3MTc2MC44NDA4MjA6YXBpZD1VUGM5YTQ0MTNlLTExY2YtMTFlYy1hZTZkLTA2ZWZkODU4MmUxMjptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWQwYjA4ODFkLTBhZGYtNGUwZi04Mjk0LTM4ODUxODgzY2E5Mw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame 5F42 		529 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1e51fd15944329fa0576ec339cc9071c33ce181e029f486625273f41cc4db361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
tp-up-gc11
date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
server
nginx
etag
W/"613781fc-84255"
vary
Accept-Encoding
x-cached-since
2021-09-09T23:21:34+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 07 Sep 2021 17:18:35 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 86A3 		27 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234470&us_privacy=&cb=1631234471315&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fspadebook33&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fspadebook33&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-10%200:41:11&ranreq=0.8958260094017259&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=662277&adId=2645917&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1631234470
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
content-type
application/xml; charset=utf-8
48953915
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=4&wv-hit=511849672&page-url=https%3A%2F%2Fask.fm%2Fspadebook33&rn=1060087017&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631234472%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A202109010004111%3Au%3A1631234463427757091%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631234472
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:11 GMT
last-modified
Fri, 10-Sep-2021 00:41:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Sep-2021 00:41:11 GMT
track
aktrack.pubmatic.com/ Frame 86A3 		0
0
openapi.js
vk.com/js/api/ Frame F3AE 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.139.194 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-encoding
br
x-frontend
front623306
last-modified
Tue, 15 Jun 2021 09:11:55 GMT
server
kittenx
etag
"60c86edb-5802"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22530
expires
Tue, 14 Sep 2021 00:41:11 GMT
analytics.js
www.google-analytics.com/ Frame 5F42 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80f::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1418
date
Fri, 10 Sep 2021 00:17:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 02:17:33 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame BAAB 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c36bd2f4afb43865bb873b30ed3b159548b48ae96f577726fc76a94f624283a5

Request headers

:method
GET
:authority
cdn01.nativeroll.tv
:scheme
https
:path
/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://moevideo.biz/
accept-encoding
gzip, deflate, br
cookie
cid=87b29129-f9e1-4f1c-9871-ce867e132ccc; wdata[social_class]=0; wdata[age]=0; wdata[gender]=0; wdata[expire]=1631241669
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:11 GMT
content-type
text/html; charset=utf-8
last-modified
Tue, 07 Sep 2021 15:15:08 GMT
vary
Accept-Encoding
etag
W/"613781fc-1b73"
cache
HIT
x-cached-since
2021-09-07T15:37:13+00:00
x-id
tp-up-gc11
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:12 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://moevideo.biz
x-id
tp-up-gc13
hosts.json
cdn02.nativeroll.tv/player/ Frame 5F42 		301 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:1d1:2801::14 Paris, France, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c

Request headers

cache-control
no-cache
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
tp-up-gc12
date
Fri, 10 Sep 2021 00:41:12 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:02:35 GMT
server
nginx
etag
W/"6037bc0b-12d"
x-cached-since
2021-09-06T19:41:19+00:00
content-type
application/json
access-control-allow-origin
https://moevideo.biz
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
876515888
www.tns-counter.ru/V13a****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/ Frame 5F42 		43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13a****nativeroll_tv/ru/UTF-8/tmsec=nativeroll_total/876515888
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=DEedjxUig%2B%2FUWO6k%2BzfPmh3cagbfs7JrKQXhaTLZds1%2BtRWIJIzFJsiDhG7LKxR1&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fspadebook33&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1707
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software
ms-counter-3.2.9/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:11 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.9/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
track
aktrack.pubmatic.com/ Frame CC29 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=662277&a=2645917&ts=1631234471&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.112.228 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-112-228.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:11 GMT
content-length
0
content-type
text/html
/
login.vk.com/ Frame F3AE 		27 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.135 -, , ASN (),
Reverse DNS
Software
kittenx / KPHP/7.4.108528
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:12 GMT
content-encoding
gzip
server
kittenx
x-powered-by
KPHP/7.4.108528
strict-transport-security
max-age=15768000
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=windows-1251
content-length
41
5a422ce95f366efa348b462b
statsb.nativeroll.tv/nr/aserver/group/ Frame 5F42 		67 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5a422ce95f366efa348b462b?event=visit&gid=5a422ce95f366efa348b462b&v=1.18.18&url=https%3A%2F%2Fask.fm%2F&title=&ref=https%3A%2F%2Fask.fm%2F&block_enabled=0&width=432&height=243&offset_px=0&offset_pct=0&lenght_px=243&cookie_enabled=1&t=2021-09-10T00%3A41%3A12&mode=vpaid&data_saver=false&sc=2453591051&nr_f=MTYzMTIzNDQ3MjAwOQ%3D%3D&ancestor_origins=https%3A%2F%2Fmoevideo.biz%2Chttps%3A%2F%2Fask.fm&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=e9f47c87-9d7e-444c-a180-32f206ca7723
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
Content-Length
67
5a422ce95f366efa348b462b.jsonp
statsb.nativeroll.tv/nr/aserver/group/ Frame 2A08 		0
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5a422ce95f366efa348b462b.jsonp?event=impression&v=1.18.18&gid=5a422ce95f366efa348b462b&url=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DDEedjxUig%252B%252FUWO6k%252BzfPmh3cagbfs7JrKQXhaTLZds1%252BtRWIJIzFJsiDhG7LKxR1%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fspadebook33%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1707&title=&cookie_enabled=1&block_enabled=0&ref=https%3A%2F%2Fask.fm%2F&width=432&offset_px=0&offset_pct=0&lenght_px=243&nr_f=MTYzMTIzNDQ3MjE0NQ%3D%3D&plays360=true&plays_inline=true&rsn=255
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:12 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:12 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame F0F7 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame F0F7 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Fri, 10 Sep 2021 00:41:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
935975
ad.mail.ru/vast/ Frame FE41 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/935975?rand=3753260&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
935975
ad.mail.ru/vast/ Frame FE41 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/935975?rand=5704870&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
197143
ad.mail.ru/vast/ Frame FE41 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/197143?pr=6183701&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame FE41 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=6446418&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame FE41 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=339104&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
942495
ad.mail.ru/vast/ Frame FE41 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/942495?rand=5765408&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
942495
ad.mail.ru/vast/ Frame FE41 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/942495?rand=8585424&sc=2453591051&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
726513
ad.mail.ru/vast/ Frame FE41 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/726513
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 00:41:12 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
get
pub-eu.p.otm-r.com/ Frame FE41 		65 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pub-eu.p.otm-r.com/get?placement_id=58b41eb87a379fc852fa4496&when=pre&stream=instream&domain=https%3A%2F%2Fask.fm%2Fspadebook33
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1707/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.72.5 -, , ASN (),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 00:41:12 GMT
server
nginx/1.17.0
vary
Origin
content-type
text/xml
access-control-allow-origin
https://moevideo.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
65
expires
0
ad
v.lkqd.net/ Frame CE53 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=25358340&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
b91cd48852cd08c27a9815bb1b6402368f59489e81bb9ae7d24034a8d123f23c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:13 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1353
vpaid.js
ad.lkqd.net/vpaid/ Frame 08DE 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:13 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1631234473.cds017.fr8.hn,1631234473.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame 7830 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 00:41:13 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1631234473.cds017.fr8.hn,1631234473.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=25358340&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.132.184 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 10 Sep 2021 00:41:13 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 08DE 		0
0
cs
cs.lkqd.net/ Frame 7830 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 7830 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 7830 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 7830 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 7830
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 00:41:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8632571902530157938
pragma
no-cache
date
Fri, 10 Sep 2021 00:41:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjJjYmJlZjItYjRlOS02ZDM2LTU2MWEtZDc5MGZlOTFkZDZj
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
useast.quantumdex.io
URL
https://useast.quantumdex.io/auction/apacdex
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=40956236ede3ea41e75673ce27359298
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=795650&a=3435608&ts=1631234468&wa=0&e=95&vc=2
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156962&s=662277&a=2645917&ts=1631234472&wa=0&e=95&vc=2
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Fspadebook33&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=25358340&m=&rtv=1&thost=ask.fm

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect boolean| originAgentCluster function| logError function| $ function| jQuery function| PerfectScrollbar object| Turbolinks function| Cursores object| Utils object| Events object| Browser object| Turbolinkz function| Actions object| Ajax object| Mutex function| Pages object| AjaxUI object| ScrollBar object| AnswerCard object| ProfileTabCounters object| ThreadCounters object| Pager object| Config object| Answers undefined| AskfmAd undefined| Atcomplete undefined| Autofocus object| Flash object| Uploads object| Avatar object| Background object| Form object| Button object| Captcha function| Recaptcha2onLoad object| Checkbox object| ConfirmDialog function| Log object| PositionFixedFocus object| FacebookSharing object| Lightbox object| Yandex object| TrackingGoals object| FormXHR object| Gdpr object| GoogleAnalytics undefined| HoverToActive object| LoginCheck object| MassAsk object| Media object| Notifications object| Offers undefined| Optad360 object| PhotoAnswer object| Photopoll object| PopupCallback object| Pymk object| Pyml object| Questions object| SecretAnswers undefined| ServiceWorkerRemoval object| Stream undefined| Tagcomplete object| Toggle object| Tracking object| UpdatePinger undefined| Viads object| Viewport function| admiral object| googletag function| ym object| goal_name function| 4dm1r11545242527 object| Ya object| yaCounter48953915 function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn string| url function| loadVidPlayers object| lkqdSettings object| vpaidLoader function| fbAsyncInit object| dataLayer object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| AdSlotCollection object| regeneratorRuntime object| pbjs325474 object| __oa360ScriptsState boolean| __isGoogleAllowed object| __uspClient object| __cmpClient function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO function| avPlayer function| viadsClosePlayer object| sas object| apntag object| _ADAGIO function| Hls object| storageAni string| viPlayerStatus object| __VR object| s object| c object| h object| sl function| Tapad function| loadCMP boolean| sas_noad number| google_global_correlator object| pcodeJsonp43442gQqtU6iFq2 number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| mv42064340 boolean| yandex_context_perf_logging object| layoutConfig object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter652294 function| AdPlayerPro object| DMVAST function| playerPro

185 Cookies

Domain/Path Name / Value
ask.fm/ Name: locale
Value: de
ask.fm/ Name: uuid
Value: b2e18f2d-ca99-4da6-81c7-7d7151fa5d19
ask.fm/ Name: country
Value: DE
ask.fm/ Name: _m_ask_fm_session
Value: NnNFbDhlbkFIRnVrRzVzQkE0aEVKNDd3dXhramlRbFpqbEJuRHB4L01iZ2FyMXkxOVN3bEdJTmlmU3A1RmF3aWpPVHU2VWZHWnRhTWRIS2RTL0FHcGJaSUZiOEU4Ym5CR1JJc2ZIR21pSnowb2pFK2xyR080dXczOXJjVGtpb0kwOE5LVDZGTXp4ZGFHbVYraTZycTRWcXYzMWhPSHZpVTVTK0hjYmIrOGl4ZERyRU45N2N1N0l6bkkzSytNZEpuQ1RTQ0J1NWdZaGdrTVl1MVh5eUR1QmdQYjhmbWFvWUZSaEpUbFhmejkzSlRLU2QyTngyUEdaWWFMd2dObXRNQS0tbXdPbzU5M2xxRUlmUXA4OS82QjFVUT09--7c45e3862631ff54a136aadd36c49b7fa015e79c
.ask.fm/ Name: _ym_uid
Value: 1631234463427757091
.ask.fm/ Name: _ym_d
Value: 1631234463
.bidswitch.net/ Name: tuuid
Value: fdbbf0d3-14c9-4e18-beb2-1f263514daae
.bidswitch.net/ Name: c
Value: 1631234463
.bidswitch.net/ Name: tuuid_lu
Value: 1631234463
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 99457828fake
.ask.fm/ Name: _ym_isad
Value: 2
ads.stickyadstv.com/ Name: UID
Value: dce92ee15bffc23d8e31137e73f8f28
ads.stickyadstv.com/ Name: sessionId
Value: b27c84973c1fc837b08ca5ada229281
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2879634094fake
.turn.com/ Name: uid
Value: 8632571902530157938
.yandex.com/ Name: yandexuid
Value: 3428932541631234463
.yandex.com/ Name: yuidss
Value: 3428932541631234463
mc.yandex.com/ Name: yabs-sid
Value: 2166057481631234463
.yandex.com/ Name: i
Value: 4hdUvzLkC6htxUcdV/clzyPcX2rnAfhsDSWYOdsM5O9li/UIZEH4u13hN8QUDwS3Qfu9NALTkTOckjlLZxsWJwjJvkA=
.yandex.com/ Name: ymex
Value: 1662770463.yrts.1631234463#1662770463.yrtsi.1631234463
.adsrvr.org/ Name: TDID
Value: be919faa-1a75-4dee-97fe-3f0e168429c9
.ask.fm/ Name: _ym_visorc
Value: w
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003%22%7D
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImZkYmJmMGQzLTE0YzktNGUxOC1iZWIyLTFmMjYzNTE0ZGFhZSIsImV4cGlyZXMiOjE2MzM4MjY0NjN9LCJVTiI6eyJ1aWQiOiJSWC1iMDAyY2U0Yi1hZjc5LTRiNTYtYjhiZS1lODczN2RkZjQ2NzMtMDAzIiwiZXhwaXJlcyI6MTYzMzgyNjQ2M319fQ==
.ask.fm/ Name: _awl
Value: 2.1631234463.0.4-be78ea3e-f9a2422dcaa1bd348c1a3c13a0ec8a74-6763652d6575726f70652d7765737431-613aa99f-0
.ask.fm/ Name: _ga
Value: GA1.2.1785975214.1631234464
.ask.fm/ Name: _gid
Value: GA1.2.837632158.1631234464
.ask.fm/ Name: _gat_UA-12308109-15
Value: 1
.viadata.store/ Name: viads_uid
Value: c2acdbca-6d63-4dcc-bef8-e53f751fb959
ask.fm/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.openx.net/ Name: i
Value: 4d085261-d419-0c65-192c-45c1505420f1|1631234463
.openx.net/ Name: v
Value: 1
.openx.net/ Name: pd
Value: v2|1631234464|vN
.spotxchange.com/ Name: audience
Value: c73c13a8-11cf-11ec-abc9-1fe3cd8f0006
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 259837=4570601
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=1881784456&lo=-721590141&lt=637668384640425470&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
.adnxs.com/ Name: uuid2
Value: 8753280251054543738
ask.fm/ Name: cto_bidid
Value: 3N76oF9lZ3BmdnM2QUw2V2pFajZ2U3BYc1cxNjh5NUswNDlPYyUyQnBoS2oxenQzU25CZWYxMDNpN0c4MFdLeTBORk5ka21XQmVpaHk5cWU4blZGUkt2azBmc0dnJTNEJTNE
ask.fm/ Name: cto_bundle
Value: L_-NYV9XTnBoQlUyRnpTZ09Edk9JR3JKOVFKMUZFNDhVNUNqZjJPaCUyRlFUenBKNmozblU2OTNkM0FJNEFvUU1tb2JzQUFJSkMxa2N6NTdxeTE1TzZrQTBuREp4JTJGMUlmbWl6T3pFM2psNlE5OXNjMXMlM0Q
prebid.a-mo.net/ Name: __amc
Value: 1_1631234464_1631234464
.a-mo.net/ Name: amuid2
Value: a6a6222a-a3e4-446e-bf5f-3b3a0c811550
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 99B50716-645B-4619-885E-FF6900806EF8
.doubleclick.net/ Name: IDE
Value: AHWqTUmmUsl2farLmFxVn64BDkjjrY0i3sbRwQfqf7mMFVfw_rp4Fw6OeCqYlSTjQzA
.adfarm1.adition.com/ Name: UserID1
Value: 7006098674996082839
.quantserve.com/ Name: d
Value: EP8BCwGbJPijAA
.quantserve.com/ Name: mc
Value: 613aa9a0-a05a4-1b52d-b6037
.yahoo.com/ Name: A3
Value: d=AQABBJ-pOmECEBiMPBkf5UjwaC6i_QIIiw4FEgEBAQH7O2FEYQAAAAAA_eMAAA&S=AQAAAikrgFY-iaOYPdVM0qaeBqY
.erne.co/ Name: u
Value: mP6c8yWZTjRovg8LPKj3XdLp
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: c3a1613a-a9a0-4400-901c-beee312d150c
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8753280251054543738
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&16514-CAESENTIr-0_0qIBssK1GrxVwuA&KRTB&23025-CAESENTIr-0_0qIBssK1GrxVwuA
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-mP6c8yWZTjRovg8LPKj3XdLp
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR&KRTB&22979-wWHgSZZpshjaMeMdlmT-GZVl4UzaMuUYxGcZA9CR
.simpli.fi/ Name: suid
Value: 762AF14F632641BB920CDABAF016FA99
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmxoZGxiYmZibmACAC56sj8QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQwNzS1NDextDA0NDewNLA0MxfiM9RNzC91iXR3N3J3jHeV4jU0MzY0MjYxMTMxNzAGAIWXO6o0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQwNzS1NDextDA0NDewNLA0MxfiM9RNzC91iXR3N3J3jHcFAGBModklAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7006098674996082839
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8632571902530157938
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&22918-be919faa-1a75-4dee-97fe-3f0e168429c9&KRTB&23031-be919faa-1a75-4dee-97fe-3f0e168429c9
.adform.net/ Name: uid
Value: 2460156151415142363
.taboola.com/ Name: t_gid
Value: 222df056-1e86-4e45-92cb-a33e42b109cf-tuct8342f20
.de17a.com/ Name: guid2
Value: 1.9109962894328357128
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&16736-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23019-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2&KRTB&23114-uid:ec47613a-a9a0-4400-88c3-4f3971a0b5d2
.pubmatic.com/ Name: SPugT
Value: 1631234463
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5802539667209419446&KRTB&23263-5802539667209419446
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-fdbbf0d3-14c9-4e18-beb2-1f263514daae
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9109962894328357128
ads.playground.xyz/ Name: connect.sid
Value: s%3At7Xvu_YBH0x3dUyMgpEDkfojf4dhF9om.kPMR%2BKK0QZN%2FGU4saJ9MY%2FQwECMznobXmBmDVyn9A08
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003&KRTB&17107-RX-b002ce4b-af79-4b56-b8be-e8737ddf4673-003
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YTqpoAAAVIlJPAAT
.bidr.io/ Name: bito
Value: AABtN07CdVMAABREzLmq8A
.bidr.io/ Name: bitoIsSecure
Value: ok
.gumgum.com/ Name: vst
Value: e_41fcf18c-4708-488e-894a-d8c42b5365c8
.viadata.store/ Name: viads_sc
Value: %7B%220%22%3A1631234464%2C%2230%22%3A1631234464%2C%2227%22%3A1631234464%7D
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YTqpoAAAVIlJPAAT&KRTB&23194-YTqpoAAAVIlJPAAT&KRTB&23209-YTqpoAAAVIlJPAAT&KRTB&23244-YTqpoAAAVIlJPAAT
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_41fcf18c-4708-488e-894a-d8c42b5365c8
adx.com.ru/ Name: yabbi-user
Value: 613aa9a0d41e067c97d21506
.onaudience.com/ Name: cookie
Value: 5791f898492934fe
.onaudience.com/ Name: done_redirects147
Value: 1
.dmg.digitaltarget.ru/ Name: viuserid
Value: L1AKZRS.RAAJFFc7F55g
.adriver.ru/ Name: cid
Value: AR7mT70WzjU-6OyxtJVHtbw
.onaudience.com/ Name: done_redirects104
Value: 1
.rutarget.ru/ Name: userId
Value: 0tg3WBmcLP5q
.tribalfusion.com/ Name: ANON_ID
Value: aVns6EpyXagbqiVREF6qfLZdtMyB8G0j4Jp6sd4Jd1636nEvAZa2XcOWJAvu6E4Zc6JHfdtZbpKH30jT79wZbfOVr
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c030b4cf59ac3ade
.sportradarserving.com/ Name: zuuid
Value: d96529e4-0670-4342-a8bb-9b602b67ced8
.sportradarserving.com/ Name: c
Value: 1631234465
.sportradarserving.com/ Name: zuuid_lu
Value: 1631234465
.smartadserver.com/ Name: Trk0
Value: Value=1438277&Creation=10%2f09%2f2021+02%3a41%3a05
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1631234465
.sportradarserving.com/ Name: pvc2
Value: prUAFVTiRfGELjzXPvVd1nm_NJ9lJY-Qji31nqAANQvuKfhg9qR-BWo6retaFCxiS2PosVvayCLeO0JcX0T9XyCWOcDhGZontQwJg8Uq2K0xcBmgxYT61m7MSItrCpS8f4gAFq-2aVtvd-ArJ0-w7VCMWf85dxGQhlEeRPy5LkHb7WytMPCie5ztcSOw43Crpcp4e5bUG_yzQChlWPCIsSM1wBgvfmqahrOJMlMty7r26MYf1HG4aWbxBrXd4YE3Qvmt-rPZtTQcU2vgtPYxgO6_D8wmW_tjbQDd2g-3LihdMcITlVCVvub4m_SB40WdfmsKgXUKZ_rmSFCICAG3rBxoyTtRyy91IxOa5Vgg7EB5LkqaYk7t2RmW51AoDM1126lvB7x0Ckhdw9i8EMTC5TjLDrZ-dGvnfaByy6_tmYVndEeSLNO4nH1_DTZH5YsMEfGUhFRZwsZ-HuBNfR1UUO4O2EmCjrg1amSdCrSUCtZd_aeT0YMwnJm3Yp9PRWc6MryymkS0ZuBxvKAcjRIMNiUsUjUztP5Nuk3yZUTEMLwOzul6SIiqc1g2eUhWjU1VhBj59xC3bMndphkEmYOCHhGx1Bh17D0mQDJkFHS71msjDsZwXadQPntGh-eMPoCaxPLG5IiViFJDYn1GTwoh85SWwQdSjuiAWboONERjJLlVSDfv6_yBT-udS1B4_pE8hRDkVkx-bU-mfIW4XBfqidoqWApL6LO7eNyFOTlzrWHy3VzEtY1bj9-Ge2Jwsv1CrwVTRxpH0BBBIyt1yAYqTOUYYom8xlFWHYhJXaLCoPYdUDnryTRMRQI0T2BRev9GCaU7ScH_y7LwfHgBnaYpfGJ4h1dyZ48AbbOels5po8s9FkeqF_FbJWqSlNw78QI0rHhsy1JTIAv845tcKsgB0bRaHTNixfuFsNw0Gj4iee29Ooz2Zba51M0jJE6d5P744mPDe5hKvzbtGgYXljZc3Jn9sjY2MCLogil7hCDWLY23J7qwpiAmkODAqcqEyMhd2Fi2_VyacMSijjBLYeI7S7-096N1svS0WEpOixPA0Teg1AQIevwY76fddz9YLWmgrvVqCXbgpxAWNZkY3mSgoDUK6pgZkX3XwtF1GlsltCM-m_5AtneaCEqMIvF6bGWhFI7t42Dyf2_9,ojE4Xe9--p0e6jWuZ3FXug,KVFBbOCyxcmhBVvRmxkpcw,WPmWukykxPIP5dHUIZplhg,KVFBbOCyxcmhBVvRmxkpcw,kvHnb6J8Cc4FRKr7knZHXg,KVFBbOCyxcmhBVvRmxkpcw,pEAUKGC6nhT7wCnM4wpMfQ,KVFBbOCyxcmhBVvRmxkpcw,U6jq-n_6rENBinJDVjKfvw,KVFBbOCyxcmhBVvRmxkpcw,iRFxMMc6WnFCJdw8MWRx4Q,KVFBbOCyxcmhBVvRmxkpcw,GC2YtHodDZYicqOLK8mnyQ,KVFBbOCyxcmhBVvRmxkpcw,MNjmGSind2a1B1A5UtXktg,KVFBbOCyxcmhBVvRmxkpcw
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 40956236ede3ea41e75673ce27359298
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDGwNDUzMjZLTUk1Tk00MUw1NzUzN05ONTI3NrU0srRgAIJEq5ULQTQUAABADgob"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBItFq5EEhBAQAXKQHm"
.dmxleo.com/ Name: dmxId
Value: 217565BE6A82E7000QAMWWFKIBLODWXAG
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=50012ED3DFFDB6"
.feedad.com/ Name: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u
Value: d96529e4-0670-4342-a8bb-9b602b67ced8
.aralego.com/ Name: sspid
Value: 7afd20c3-6271-3fa3-98ec-404850351129
.onaudience.com/ Name: done_redirects219
Value: 1
.exelator.com/ Name: EE
Value: "724661a8a746a9fe5c8df5f8f24d3bed"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHcyMTMzDDRItHcxCzRMi3VNNkiJc00zSLNyCTFOCk1ZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJySX5RZvoiF9fFRSlpDItKik8F7302GQCbyysY"
.tapad.com/ Name: TapAd_TS
Value: 1631234465515
.tapad.com/ Name: TapAd_DID
Value: 38521a83-bb43-4d48-86fd-e836d6e7a4cd
.fwmrm.net/ Name: _uid
Value: "l1e52_7006098679283637919"
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l1e52_7006098679283637919
ads.stickyadstv.com/ Name: MRM_UID
Value: l1e52_7006098679283637919
.flashtalking.com/ Name: _D9J
Value: 005a57fe507f479991ffd238949bd35a
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEDnGf47Q2X-YrRDKC3yWJZE
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiI7c_Btv_5ORAFEhQKBXRhcGFkEgsIsNOszrb_-TkQBRgBIAEoAjILCNSwqvzM__k5EAU4AVoJc3RpY2t5YWRzYAI.
ads.stickyadstv.com/ Name: uid-bp-892
Value: be919faa-1a75-4dee-97fe-3f0e168429c9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6072
.360yield.com/ Name: tuuid
Value: eaf2d9b6-ead4-4733-9e65-044f32667226
.360yield.com/ Name: tuuid_lu
Value: 1631234466
.yandex.ru/ Name: yandexuid
Value: 1951451941631234466
.yandex.ru/ Name: i
Value: XZGY3US/5QGLA0y1TDmQvIxVQIOjT8MAfvD7jnvsrJDe5+AFxIEGn+0gK0UembTZCgf8VdstjatbR1g2AZaW2EldYRs=
ads.stickyadstv.com/ Name: uid-bp-951
Value: 8753280251054543738
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-n74x9YJE2oNAagO6byHyribXCrd.MEpyvbhOOoIL~A
ads.stickyadstv.com/ Name: uid-bp-529
Value: c3a1613a-a9a0-4400-901c-beee312d150c
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AABtN07CdVMAABREzLmq8A
ask.fm/ Name: freewheel-detected-bandwidth
Value: 275
.w55c.net/ Name: wfivefivec
Value: kVIHXRy11MouBk5
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: kVIHXRy11MouBk5
ads.stickyadstv.com/ Name: pxId
Value: 9777
ads.stickyadstv.com/ Name: uid-bp-45
Value: YTqpoAAAVIlJPAAT
playreplay.me/ Name: mvuid
Value: 186662e8883042b41dc9
playreplay.me/ Name: mvsid
Value: 09cb98f4-8b75-4da8-9ce4-569945c2eec1
moevideo.biz/ Name: mvuid
Value: 186662e8883042b41dc9
moevideo.biz/ Name: mvsid
Value: 09cb98f4-8b75-4da8-9ce4-569945c2eec1
thesame.tv/ Name: mvuid
Value: 186662e8883042b41dc9
thesame.tv/ Name: mvsid
Value: 09cb98f4-8b75-4da8-9ce4-569945c2eec1
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
playreplay.net/ Name: mvuid
Value: 186662e8883042b41dc9
playreplay.net/ Name: mvsid
Value: 09cb98f4-8b75-4da8-9ce4-569945c2eec1
cs-0.moevideo.biz/ Name: mvuid
Value: 186662e8883042b41dc9
cs-0.moevideo.biz/ Name: mvsid
Value: 09cb98f4-8b75-4da8-9ce4-569945c2eec1
.adnxs.com/ Name: icu
Value: ChgI_t1aEAoYASABKAEwo9PqiQY4AUABSAEKGAibu10QChgBIAEoATCg0-qJBjgBQAFIARCj0-qJBhgB
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1632441600%3A226_227_201_197_219_221%7C1633824000%3A232%7C1631318400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1631836800%3A2_223_15%7C1636416000%3A69%7C1632528000%3A35%7C1632096000%3A63%7C1633824000%3A203%7C1632441600%3A166_233_99_8_165_81_3_7_176_104_234_56_88_13_57_21_222_22_220_71_54_204_189_231_161_55_230_5
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:kVIHXRy11MouBk5
.pubmatic.com/ Name: PugT
Value: 1631234467
.fiftyt.com/ Name: fifid
Value: 9f77f27a-d939-4e81-7c59-fc7057596384
.fiftyt.com/ Name: cs
Value: MTYzMTIzNDQ2N3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fE7vNzpnGFPzGJhOLB_6TZIO2zU4ohi8YVKc74hTex5T
.fiftyt.com/ Name: fppm
Value: 20210910004107
.semasio.net/ Name: SEUNCY
Value: F4BB3E7E85CDE269
.zeotap.com/ Name: zc
Value: 1f4672ec-55f9-44f6-7dac-da8423f2e95e
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-55c6a26e-7c16-45be-41b6-409f9c805b60.s8dnR4p2%2BTU0GK6WC3RpY5rsDdUjc61iV%2F9A7BZqBJg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-55c6a26e-7c16-45be-41b6-409f9c805b60%24ip%24194.36.108.19.A20iKBgUa2y2Psneei6IM3db5dn0OkhuH%2FE3RWtqzyg
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-VcaibnwWRb5BtkCfnIBbYMIkbBM
.ipredictive.com/ Name: cu
Value: c966c27b-11cf-11ec-a9a1-2972a6622f69|1631234467650
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-c966c27b-11cf-11ec-a9a1-2972a6622f69&KRTB&23011-c966c27b-11cf-11ec-a9a1-2972a6622f69
.upravel.com/ Name: session_tptc
Value: 1631234468032
.adsniper.ru/ Name: uuid3
Value: IiRjOWExZmZmYy0xMWNmLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.advertising.com/ Name: APID
Value: UPc9a4413e-11cf-11ec-ae6d-06efd8582e12
.lijit.com/ Name: ljt_reader
Value: 297cb7d52fd12dc67047e5d2
.mts.ru/ Name: dspid
Value: 25a9ea08-d4a1-45d8-8f46-324b468d9a75
.adhigh.net/ Name: gi_u
Value: u8zzHzJ29Lz1.AikABlF7zSao5g
.weborama.com/ Name: wui
Value: 5DB7858C-A47C-44B1-9657-9BC8A5E04B1B
ads.smartstream.tv/ Name: DID
Value: eba40a42daeed875f81f00393d985604
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.upravel.com/ Name: user_id
Value: 9a7eb090-76c1-4547-a6f7-d6139ca6932c
.casalemedia.com/ Name: CMID
Value: YTqppCCJJMbXm4CAFDxZgQAA
.casalemedia.com/ Name: CMPS
Value: 5225
.bumlam.com/ Name: suuid3
Value: IiRjOWExZmZmYy0xMWNmLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~20bc:194a~20bc"
.yahoo.com/ Name: APID
Value: UPc9a4413e-11cf-11ec-ae6d-06efd8582e12
.yahoo.com/ Name: APIDTS
Value: 1631234468
.whiteboxdigital.ru/ Name: MiId
Value: e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8
.quantumdex.io/ Name: uid
Value: 826d07eb-0cf2-4cbb-83e4-4066639efae4

241 Console Messages

Source Level URL
Text
network error URL: https://ask.fm/spadebook33
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9391.Zo-KRg9SWL_yMuCCJBfiqtCbd7Z8CdybswGRPpnCYBL0b_bMU6x1BJYDQk5KpH5Rh1nf3yM72NIaOowA45wsNg%2C%2C.oA2cVtk4r22REC70R-F1tNB-Mqg%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://ask.fm/spadebook33
Message:
Access to XMLHttpRequest at 'https://i.connectad.io/api/v2' from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ask.fm/spadebook33
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjJjYmJlZjItYjRlOS02ZDM2LTU2MWEtZDc5MGZlOTFkZDZj' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Fspadebook33&cb=1508583271&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C1771083074143345888660584968,,') from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjJjYmJlZjItYjRlOS02ZDM2LTU2MWEtZDc5MGZlOTFkZDZj
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://static.viralize.tv/viralize_vpaid.min.9026482f.js?e=ops
Message:
Allow attribute will take precedence over 'allowfullscreen'.
javascript warning URL: https://loadus.exelator.com/load/?p=204&g=119&buid=
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g(Line 649)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g(Line 219)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'none'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
javascript warning URL: https://z.moatads.com/betwayglobalftdisplay906661272790/moatad.js(Line 131)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://cdn.connectad.io/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://an.yandex.ru/setud/mts_banner/JanqCNShRdiPRjJLRo2adQ?sign=3331683762
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9a7eb090-76c1-4547-a6f7-d6139ca6932c.sync.upravel.com
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
a.vidoomy.com
acdn.adnxs.com
ad.adriver.ru
ad.lkqd.net
ad.mail.ru
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.aralego.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.smartstream.tv
ads.stickyadstv.com
ads.vidoomy.com
ads.viralize.tv
adx.adform.net
adx.com.ru
ajax.googleapis.com
aktrack.pubmatic.com
am-0.moevideo.biz
an.yandex.ru
ap.lijit.com
api.feedad.com
apps.sascdn.com
ask.fm
aud.pubmatic.com
aws-fr-sync.bidswitch.net
bh.contextweb.com
bid.g.doubleclick.net
c.bannerflow.net
c1.adform.net
cdn.connectad.io
cdn.flashtalking.com
cdn.jsdelivr.net
cdn.ravenjs.com
cdn.stickyadstv.com
cdn.viadata.store
cdn01.nativeroll.tv
cdn02.nativeroll.tv
ced-ns.sascdn.com
clientside-video-bidder.rutarget.ru
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cmp.optad360.io
colossalcoat.com
connect.facebook.net
content.adriver.ru
creatives.sascdn.com
cs-0.moevideo.biz
cs.lkqd.net
csync.loopme.me
d16vsmxl4d5tw1.cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d5p.de17a.com
d9.flashtalking.com
data.ad-score.com
dbq8hrmshvuto.cloudfront.net
dis.criteo.com
dm.hybrid.ai
dmg.digitaltarget.ru
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dx.frontend.weborama.com
e4a0d02b-0984-4d99-85c4-cbdbc56f9ab8.mitdmp.whiteboxdigital.ru
eu.sportradarserving.com
exchange.buzzoola.com
gcdn.2mdn.net
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
itx4.smartadserver.com
js-sec.indexww.com
js.ad-score.com
loadm.exelator.com
loadus.exelator.com
login.vk.com
logs.viadata.store
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
moe.video
moevideo-sync.rutarget.ru
moevideo.biz
ms.quantumdex.io
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pandg.tapad.com
pghub.io
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pl.viadata.store
playreplay.me
playreplay.net
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
pub-eu.p.otm-r.com
public-prod-dspcookiematching.dmxleo.com
pubmatic-match.dotomi.com
px.adhigh.net
px.moatads.com
r.mradx.net
r3---sn-4g5lznes.c.2mdn.net
rd.frontend.weborama.fr
rtb-csync.smartadserver.com
rtb-msk-2.viadata.store
rtb.com.ru
rtb.gumgum.com
s.amazon-adsystem.com
s.richaudience.com
s.tribalfusion.com
script.4dex.io
search.spotxchange.com
secure.adnxs.com
secure.flashtalking.com
servedby.flashtalking.com
serving.stat-rock.com
simage2.pubmatic.com
sm.rtb.mts.ru
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.viralize.tv
stats.g.doubleclick.net
stats.seedr.com
statsb.nativeroll.tv
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.upravel.com
sync3.adsniper.ru
t.lkqd.net
tags.adsafety.net
tags.feedad.com
tech.rtb.mts.ru
thesame.tv
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
v.lkqd.net
viadata.store
vid.pubmatic.com
vidoomy-d.openx.net
viralize-d.openx.net
visitor.fiftyt.com
vk.com
vpaid.pubmatic.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.tns-counter.ru
www8.smartadserver.com
x.bidswitch.net
yastatic.net
z.moatads.com
ads.betweendigital.com
aktrack.pubmatic.com
c1.adform.net
cm.g.doubleclick.net
i.connectad.io
match.adsby.bidtheatre.com
pixel.onaudience.com
t.lkqd.net
useast.quantumdex.io
v.lkqd.net
104.120.60.249
13.248.242.197
130.211.115.4
138.201.34.238
141.95.34.105
142.250.178.130
142.250.75.226
146.185.194.45
146.20.132.134
146.20.132.184
146.20.132.63
147.75.38.124
148.251.129.43
148.251.236.115
151.101.193.44
151.101.194.49
151.139.128.11
157.90.0.13
159.69.72.5
162.55.233.28
162.55.6.212
169.50.137.190
173.231.180.197
178.162.133.149
178.250.0.157
178.250.0.163
178.62.202.251
18.156.0.31
18.158.22.228
18.184.95.242
18.185.205.93
18.195.69.184
18.198.117.246
18.198.126.47
185.15.175.132
185.180.43.83
185.183.112.155
185.29.134.244
185.33.221.90
185.64.189.110
185.64.189.114
185.64.189.229
185.64.190.75
185.64.190.78
185.64.190.80
185.86.137.17
185.86.138.142
185.86.139.58
185.86.139.96
185.94.180.123
185.94.180.125
188.34.131.130
192.96.200.41
193.0.160.128
193.138.77.140
193.232.148.151
195.201.152.110
195.209.108.39
198.148.27.140
2001:4de0:ac19::1:b:3a
2001:678:cb4:bbbb::11
2001:6d0:4001::226
205.185.216.10
209.197.3.19
209.54.178.82
213.155.156.182
213.19.147.44
213.19.147.45
213.87.44.187
216.239.32.21
216.239.34.21
216.52.2.48
217.66.147.170
23.111.115.236
23.111.115.244
23.111.115.92
23.111.119.12
23.111.211.20
23.111.96.52
23.40.112.228
23.40.112.51
23.40.113.157
2600:9000:20e1:c200:11:3771:2e40:21
2600:9000:2113:da00:11:a4de:2580:93a1
2600:9000:2117:b400:c:d85b:b300:21
2600:9000:218d:3600:13:811c:e440:21
2600:9000:218d:6800:a:deb0:3380:93a1
2600:9000:219c:fc00:6:b871:4f00:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:397e
2606:4700:10::ac43:8ae
2606:4700:20::ac43:4a81
2606:4700::6810:d40
2606:4700::6812:8ca
2606:4700::6812:d05
2606:4700::6812:fa1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1148:db00::17
2a00:1148:db00::28
2a00:1288:110:c305::8000
2a00:1450:4001:10::8
2a00:1450:4007:805::200a
2a00:1450:4007:809::200e
2a00:1450:4007:80a::200a
2a00:1450:4007:80f::200e
2a00:1450:4007:81a::2008
2a00:1450:400c:c07::9c
2a02:2638:1::13
2a02:26f0:d9::58dd:3012
2a02:26f0:d9::58dd:3049
2a02:26f0:d9::58dd:305b
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:fa8:8806:16::1400
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
2a03:90c0:1d1:2801::14
2a04:4e42:200::300
2a04:4e42:400::729
2a04:4e42:600::282
2a04:4e42::485
3.120.43.188
3.124.203.132
3.129.250.65
3.213.248.174
3.66.135.160
3.69.77.40
31.172.81.159
34.120.25.144
34.249.65.165
34.252.144.15
34.254.122.11
34.98.107.212
34.98.67.61
35.158.223.21
35.186.238.232
35.190.16.14
35.201.80.102
35.201.96.126
35.201.96.133
35.227.248.159
35.241.45.217
35.244.159.8
37.157.4.24
37.157.4.29
37.157.4.40
37.18.16.21
37.252.172.38
38.27.122.101
38.91.45.7
51.77.65.176
51.89.9.251
52.44.213.11
52.44.220.233
52.49.37.161
52.71.206.53
54.76.92.25
66.155.71.150
74.125.206.156
77.243.60.138
80.64.106.149
80.64.106.152
80.82.217.103
80.82.217.93
81.163.17.245
83.222.114.186
85.114.159.118
87.240.129.135
87.240.139.194
92.122.149.105
92.122.149.30
92.122.149.47
92.122.150.58
92.223.103.116
92.223.103.58
92.223.103.67
92.223.106.12
92.38.138.105
92.38.138.145
94.23.73.243
95.217.114.174
0136ca6ff50b5be05c9f666ba8e0718021cc7d12b24a5c327f7dc0d9e117010d
02c2e914e29e6301e6b90a583e2050106f1154732cb6245cb2faa966e4e04f7b
05159a7a284bf9a29bfa3731f08c49fab429d4ee95646141036a61dc5833bd90
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
059b72f14737050f8ac4856e24946f99722e5de465e6b5310e6d32072cc3131e
069324895c2a40625e5287e5956f6197d9d57d3416db1880ea827be69db439da
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
07a55793d265536e1d343432f595703d05f954abb11ee0cd2e15764e0d54a69f
09a1035ead5512982d8e543a9f0ca11d44a49f301e105236bd0f32cf6da3e120
0b6672ab255a1e67f848020a163d8df7100d2b4893a454bb2e8a7186b1548151
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0d8bd083c78dd4bc0b74bf2e8e565ab52db09732f087ad3e902009ef70758932
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115d3d222e948b73289c8180d4c821ae08feed8d7c3c62d7abff966e1f890bbb
13c8ca362a71bc10a20c6272ffacaa1143e7ee6367647a0bd6998c583e7b96a7
13d8ecf1aacb252e42e56c88686dc72abf67f4cad939814df512e5190bc8512c
165eda3282bc8bae930b1b800c7894508e9a9094a613e6e430635ff0c3c10f92
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c60715458a95298fdb9d8ac01255409a6e2aa2736175efdaebf255aa06c7e4
1c24b5cb3859886782353296b2915ec18d08b329f9dbcc1737d31d2cf34a6ee6
1e51fd15944329fa0576ec339cc9071c33ce181e029f486625273f41cc4db361
1f899a70037c22f406429658305232b6e9aad210092284833a260a7fc357b8f9
1ff5975e299124ad627f8d1237a082a8ef293f752ca9e10414c225a5e79bf974
20f368defde6d7df46841a6e09c2f6305e63684b0474360efe9a284d8493df94
215e2b4701a87a55009174d5c4ef468509d3a8031ea80c161444e2a80b5e5ba0
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
24e3923321e38333574512073e08311bccc56afe6f0aacb5fedf6a3fba784db8
27775f7a06cebb0e5a8e6e3ea7d38b28b6387605145af0dc1ace0a96493fd5a7
280570f2a3e4d14d5790dc16ebfaa8e57b6af7daabb5d3323f522f490ecd156f
2858b882cb470f5f66333fcf3e1d4715730c5f71dccf5c6e98f5e6da7ec27bd1
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bbcb59250b9114b48d664d571935ef205017ddb8860f740623aa4099750f46e
2c95edb514059559d1aafd3345ece82176c76390deb4225914c4eafface4c3f5
2dbdc9ce43f451197930c2ad2904040c236e395cb00eabeace3396e8d1a5cee9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fc0743b79d614f1feb1930e0926dcef3cab9fbb094969875b576aaa5f5d19b5
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
334b0a97ec6bd9277f5e2e9ccee5c95026a43510900d2b3b3ac8d448c8bdf903
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1
3649f57f6df23c7708eea467e4bfd0b1fe8c5e4860ba69e4f4b6d179c888d125
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a1ecfa819ced4074bab4349a235468af542042d56dc7beec4dbd2b677a8ee58
3abbe3ba6aa549ad35dacfab1732c3ec1c662909a6d6449e7e965db74ac4cce2
3c50e9629fa1a0f26d8a6a017db615c5fc46af69bf4f2e28f6f5e6b05336289e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d9997c626bcef2e373a0c2c96ae97eed72f1a89ff26c70224f635917f58a9e0
3e7b929f46fddf638bb3adbc002956675d5f00f3f2726e2cc3722444d51a19fa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392
4046d0906f726ed383a2da2d75a660b940d2a70f65f99c8d0877ef2d0e2d48af
407837d8c439977d467f0868cc7be102ffbe3e0d354b3375cbf5d60804d98fd7
410bab830d27671f97b2c3939d8839d9c8dab63b0dcb1852b3edf5ee5cd7e7b9
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259
45d16e2150b963fe5a16969a2326ec15144964742430a85938ceaa833f0d8aaa
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b
4d1fe7d30a7c259a06e15aa44ddbe612a87c267f745c0e2ddcee32de07a85693
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f690afa12a3d3a49c9a66dd294323218f74ccde4151fb2392f4a89e2432a29f
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
52797754e44d0c6c637f4bcda0d29317b777e359a60a8d267903634b0edfb5d1
52f714c3f78011bc97493a37219e75e9edf220b7e9de5e7c3f40d6644c7a3232
53d42d687e2602c5d8ab6a764e48c272dc48648a854cb5fe84ed092efa13dbbe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48
5a253c5cc75790e559cda76e8de21cac68fc7af7e93f3cd76ea1eca314f8d021
5afe540c92182fd4572eadf02dd03cc8271115f41fabb1fcff1867425985d48a
5df35e3fd1bfa989bc9d40d5fbade2bfe0e7fb988075904e0466bf2f686e98cf
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5ebf83e1fdc9f7c5d8f1e638a031ea6de31a9cc0dd0b19fc172d34e6b2ddf911
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60068a3e0907fab4470c9fe988f9a78709119c390304135a667be98fd4633464
60a205f7064af0688992f1986552f4c508d498edac40b689019786ff8c397027
61732724ef457a86cb694449dcd434f954d42a2b50d873a96745f1a7ebac7aca
617ba2dc77da6e3d059e36ff53297f52b52a74390302b4d3cbb080d83590ba88
6243d76b5b5b75e0fdec055242a5c57611b00947964c66c498e90dedb47fbdba
62cb548b1f90f78f37186ee658c37d108ff3eba8f19d56668b0fc01fb53e2579
630f7c17bc86a407fcab331f8806df7048506586183ed9fe0ef3dfc3f7cbe9d0
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67b67c308cca71eeecb17ae844691a10ed6ebf67f0513c9b236966e60321cc43
67c1459c2f23ce9133cb834183097830b53cd77882c1c99f3aa534474d3e4418
690ffda50762909fb778e25be1d99cd8e908476dfb993c3ecee01f25c4de2236
6910704cc567c1c523714285579136cc385037049ef3e7fb82744b12c12ad539
6918a34111d8ca8bdaf81622365acc974a135854e0f7c0ec34b466965e9fc7ff
69d4c25c29aa07240210f0578e668297b07d637e6bfc3639e936efbbb371f23c
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6aaf35342ce4cbca7759ea96905ce35914f2a816a214942e58e1c16f22548dc9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf4d1a5ab84231d4d77a7aa49811be50601ad46f93002a7dfc4b29403980787
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6cb73a9f3984133a1b10d788ef4ad389be140c6bb03e74bf9edca176299890a5
704b5fd701b82d8f4c92cf56d5c0b77fdf2c677d0457ec974a94aea9c699ab1a
713bfb822396c55c3a18ac888f3419ba46f0fae3adf7dc774495e7d8b1a2be61
72dcb6cb625e171517ba4fb891c6a5df69bb25e4cf98fdac7e1f9c5572a634f4
750527157dff7937ae6015a0326ccb925ccebfc19e659b321191a96a1c67557b
7568bf67bec31079e13d3eea3a735e7cf5179c15d6deb65822ce6c9bd23df350
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81
78311911d14b21b090d929eaf97df372e3bf1c3d94109a39d017acb54e478265
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a59b390e99d47d3ca482d8700fdbd3020d14599032b754704d1db390e858d92
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7c17d261165ff9b6274adad01af4e5d49cfc9912747b84ac06beee55639cb3da
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f
7dce3ebdd112291129e425446ca24dab27f326d1dd47d25f33fb88b7b874413f
7e07453741eb445ade5cfacd24d3c6f1985cf0f014e7dd481a2db3d66ef395b9
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8189270dac88cee8f85402a7cf917080e204c3dfe6131309c0c389d676113f0e
82ecd5f710510012e5abc98124339e8b65444c993cce3a3f5875dba1c781610e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8344ed8bfc89007d3d4bfa7dc668a84512a7ce67e5b9997b43818c0ce78ce31e
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84d3aaf3356d655241bb1a9a8d4219ea5fba1e0af707e3d64b34fb48531a9786
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
87d08823c19a3215335a08273e2cb1fdee011bbbf0a035d3311d07ce4b1ea008
89807bc7f0682a08365ba7f6f28ca01e71ee5d7e0b88b4d29a3d3ffecd342888
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cf18d9627ce9c818c53e663222497e53246553d83a451bb92758c935b348386
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
96bf34be96152a1e9b30121f463904332e2ee264399170c25749b5ba8a562443
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
96ef141614f01a20556683a2f5138c89ed7ef8b486bdbc0671d66791e34a8b55
9811c1becea5c0c134342f37f302f4362f781675ae5e131f45e8a5434a97d2d6
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
9946573522de9537cf41e48add3b595bbd8c74137ee32cf37b017ad2b2353a5b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9adcb66c5787b7cfea40f01e917238c3a90ff74423e96a5d551ed2411ef29754
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090
9ce3c4d55c55b23a838e9f252ab8adc47c3dcfdd10564d72b21022be10449978
9d2130e177e7ae2959936d6bef93f21447088f7fd2ba50fa6f5a4b9a3a419230
9e4cf8184a53a511f692ffa16b3907b732abbc7aebe73ea0cf5bb6011595a546
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10d306265feb9fd46afe61797ff3eb234550e49d93624d80212d4761296ce1b
a1dd11385bf9a9e2e67c1107000d9e30010e95da3ef8b8c29b1b5c5071546595
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4666fb7662bbaeb57ed79a337d496e0d12ddd9e882623ab2c3b2c2680c60c5d
a566ae2a1e7934ac507ab1f3f7b34f7f7d4a2ecf6463c98cb1b2305e8efb19f1
a59e8d8491b501831dd2cb45a4ef16eb2aa3c8c52a80d185d39e257917472bd7
a64c03a7a2f7fa21672864b9770432ea5cd14653b8eaeca9bf3ef4da74507cf2
a6adcec4cc2425b32d1f497c9d01b2ea1f8c81656bdde0edc65ca94f00b4bbe6
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c
a7e89e33d938547b4916b1d946d9ef7ea3c6861f796941c7e764cd2fe9ab3543
a8d9b7d4230d33c693d11ebca3f0a5caaa527ba7718cf6fc761dd14b595bb84c
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae3307d05ab3e5c511ac849c889f76bcd3aa2f5d23d499c9f98b075b0e424750
aecc32831feccf99a25694c1fb07198dfee0bd55a0eaaa08f8793fc8bc65a2a0
b0373085b66528d11e38de4b36e037830f7e883dc699dc9929c01cdf6185289a
b13f2b7e8fb211126ea79de91f437593e32a81cb9fe19336ebc6f63a8d9be88e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21e8894208f8d634fc7efcad5afa5d3bef4a18a9525d01392cddb6b808691c1
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b6d226b553d2c71ae08ba613555065baeb7f6870717e2c25cf544f22f991700e
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b813529904299f779a45fa707fdc40c9e883fc265bc18e93f7924281398a4d11
b8687b424cb02389f232920f0d33849c3d8ac57bfe400c13f5e5aef0c8851a4b
b91cd48852cd08c27a9815bb1b6402368f59489e81bb9ae7d24034a8d123f23c
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c
bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd204debaaee1468075efbf39237f0e7e60da7ae5c1130a0eace92b59f578585
be231d3b61bb49d5bc6ad7d34a4d68f5ba96627cafddb76f8b8f7d2040a7a2f7
be86139dc8dd1befd1ef3cfd42a52739c63ec7106c67545cc512438363a8aeec
c021026b21c068ec735ea2490b26866537cb0203fc5b031998d08e47fb94f203
c0f6c03cccecbac19d9d426c947fc96e3896a05a897a9954fca8e222cd894745
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23cf317cdb03cea9157a5682b6490615ef2a402270f287c3a333413d956696f
c36bd2f4afb43865bb873b30ed3b159548b48ae96f577726fc76a94f624283a5
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621
cb0bdfc5baf5bf92d8f4dff9bdeeec29aeb38034efad11e1bda6caab7f778e49
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ce127f2204d9af08d5a567cb98d1082ebba8281ea8ce629833b9dcc607bc8bfe
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d07d773625380e1710faf4d8711224be59bb7aa38e01c3137c21d6bb5d35df63
d0d2b70ff09df898f2652af487149d55391a4088ad738ad9f69286ef5e734811
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d52831c7deccb95bdb395e7568871f673fc341db02dba14bf407b2ca5dbf91a1
d70fab24817458d426ab9788b936599f7dbbd26a550c45f6e97a8179554742cf
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec65ae20813f5625ebf8ea27d5d111bc467dfe026382180f3c71e373bfad0b2
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383
e0184a4839655dec0e4a0181d6bdfb7fd2aced502374b119df9e8ca2c76b6963
e16fa6558d06f4623c16dcf9aac7479d734dad7dee74c657329fb18c52f2a7e3
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4edb4e0f2e8073b70bc48439796d4d5e5ea39ee130ad94463c13b0f356ffe83
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b49ac13041c814364d57e83fc648293e8eaafede095d81259b15b2f0596a9d
e60ffd9dfa4f2a74b5e9fba9a72d5e77f3df3f4fa834b70f36fb818e224967f6
e83c114ccaf1c9f0870c4932e61054bdc28779e912a91923bbcb6cb70112910e
e8f59cde367fecd05745d704d3d62230ebcfef6345b381ff17ddcac901dd466f
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e90de518fa38d9bc006ecf7a2f1c5f61b712bdd7c22bd9d7676ca68c2e40a2c6
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
eb1d5511ef604362f28c28f05823cb1c8faa5198907793f1a5d1b0195310557e
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eec78f13dd2101917e704385c6e70a7482c7d70244e2ed4198d5d066cb054851
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef373639b1a3dac8d655588f454c17291e5883579a99b35190204864f4f0189c
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f14dd8a84efc98592912889b23bc66cb60ee4a89071aeb7263d0a4edfec61bec
f217209876e61d74a3304e84b36ac1fe67d5c617bb325bc97f3979c883eb4d36
f241f634c67fb384bc28e2ad5bd96f4879ff34bc1e8865bb6f2393125c5ef70f
f74eb001c8d539b13ad1ea7b5377fcbb80192d1dd0321657375dbb333c977408
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f94fc4df1227df6e8fd8288668327680e80bf6c3b584d439ff6c830ae8d9b61d
f9b1f42d0a9b100d27138d26ebcacaff27ec31f617b67a209bfe8a3362124d54
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe08c3a5fd2d4a0c5a4f33864bbb3bddc095f87d1aba54a588163f3370b33ff4